Identity Theft Statistics

Given the pace the online world operates at, the vulnerabilities of users are continuously being exploited by cyber criminals at a commensurate pace. Identity theft has emerged as one of the most serious and prevalent forms of cybercrime, especially for e-commerce customers. As these identity theft statistics we put together show, a substantial portion of information stolen in corporate data breaches subsequently results in further identity theft incidents.

While there is no part of the world completely untouched by the issue of identity thefts, the United States has maintained its unenviable position as the favorite target of global cyber crime. Because of this, and also because a bulk of the reliable data on identity thefts pertains to USA, we have assigned special focus to ID theft crimes in the country, as tracked by agencies like the Federal Trade Commission (FTC) and the Identity Theft Resource Center. This section answers important questions like “How many Americans are victims of identity theft each year?

After covering some data on different types of identity thefts, the final section is related to consumer and business attitudes towards cyber crime. Despite growing awareness of the basic steps one needs to take to ensure some degree of safety, a surprisingly high number of respondents in various surveys betray resistance to adopting these measures.

We are sure these carefully collected data points will help you develop a clearer understanding of the identity theft problem, including its extent, impact, causes, and possible means of control.

Want to keep your data safe? Then check out the best identity theft protection services to find your online shield!

Editor’s Choice: Top ID Theft Statistics

  • There were 16.7 Million ID theft victims In the US in 2017 leading to the loss of over $17 billion

  • In the past year, 446,515,334 personal records were exposed in the US, not including the 1.68 billion non-sensitive exposed records

  • 40% of consumers across the world have been targets of ID theft at least once

  • 8 million records per day were stolen in the first half of 2018 worldwide, leading to 3.3B  compromised data records

  • 1.3 million children have their identities stolen every year

  • Having a social media account increases the chance of ID theft by 46%

  • Famous data breaches in 2018:  Facebook, Google+, Quora, MyFittnesPal

  • The global average cost per data breach incident rose to $3.86 Million in 2018

1. More than 2 in 5 consumers worldwide have experienced a fraudulent event at least once

How common is identity theft? According to online fraud statistics from the consumer credit reporting company Experian, 40% of consumers across the world have been targets at least once. What country has the most identity theft? The highest incidence of such events is in the US and the lowest in the EMEA region. As the 2019 Global Identity and Fraud Report puts it, this means that even the marketplace that is the most effective in mitigating online fraud has potentially left a full third of its digital customers vulnerable.


2. 978M people across 20 countries reported experiencing cybercrime in 2017

How many people are affected by identity theft? Admittedly, while not all of these reported crimes mentioned above are related to identity theft, many of them do involve using false identities of consumers in some way. The distribution of the number of people affected by identity fraud in each country almost matches the distribution of population across countries, which means China, India, and USA occupy the three highest positions among the countries studied.


3. The number of identity theft victims in the US rose to 16.7M in 2017

How many identities are stolen each day? In the US, based on the above data, that figure comes to more than 45,000 identities stolen every day. The cost of identity theft in 2017 amounted to over $17 billion. However, 2017 was not the worst year in terms of losses caused by identity thefts. By comparison, 2012 was much higher at a loss value of $21.8 billion.


4. There were 174,523 incidents of identity fraud in the UK in 2017

Identity theft statistics worldwide show a growth trend outside the US also. In the UK, eight out of ten of the identity fraud cases occurred online. This is a 1% rise over 2016 and a massive 125% rise since 2007, showing that identity theft remains a massive problem. There are more than 450 identity theft cases reported in the UK every day.


5. There were 944 breaches leading to 3.3B data records being compromised worldwide in H1 2018

That’s more than 5 breaches causing more than a staggering 18 million records to be stolen every day in the first half of 2018! Compared to the same period in 2017, the number of lost, stolen or compromised records increased by 72%, though the total number of breaches slightly decreased over the same period, signaling an increase in the severity of each incident. Of these 944, 189 (20%) had an unknown or unaccounted number of compromised data records. What is considered a data breach? A data breach is a security incident in which sensitive, protected, or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so. How do data breaches happen? A data breach can occur in many ways. A criminal breach occurs when a cybercriminal successfully infiltrates a data source and extracts sensitive information. 


6. 41,502 data breaches were reported in Europe between May 2018 and January 2019

There is a silver lining to these concerning scam statistics, though. Since the General Data Protection Regulation (GDPR) took effect on May 25, 2018, there has been a marked improvement in voluntary reporting of data breaches in Europe. Pre-GDPR, only a few sectors like telecom and banking were obliged to report data breaches. The GDPR has also helped raise the public’s awareness of their rights under data protection law. What is a data breach GDPR? GDPR is a regulation in European Union law that aims to give control to individuals over their personal data and to simplify the regulatory environment for international business.


7. The global average cost per data breach incident rose to $3.86M in FY18

That would approximate to more than $3B lost in the first half of 2018. While the number of data breaches has come down marginally over the same period a year earlier, the average cost per incident has gone up by 6.4%. This is the objective cost businesses are paying to cyber criminals, and it is going up almost every year. What causes data breaches? Most data breaches are the direct result of cyber incidents, including phishing, malware, ransomware, brute-force attacks, compromised or stolen credentials, and hacking. Other methods include theft of paperwork or data storage devices, and breaches caused by rogue employees and other insiders.


8. 83% of all records stolen in H1 2018 involved identity theft

How often does identity theft occur? Identity theft has remained one of the most common types of data breaches, at least since 2013. While identity theft statistics 2018 show a drop in the number of identity theft breaches by 26% over the first half of 2017, the number of records stolen through these incidents increased by 757%, representing 83% of all records stolen. Data breaches statistics show a disturbing trend in the escalation of severity. Though overall incident numbers are on the decline H1 2017 vs. H1 2018 (171 for H1 2017 and 123 for H1 2018), the number of records breached increased H1 2017 vs. H1 2018 (2.7 million and 359 million) respectively.


9. 31.7% of data breach victims experienced loss of personal data in 2016

What is a breach of personal data? It refers to a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data. This includes breaches that are the result of both accidental and deliberate causes. Therefore, identity theft is not only a type of data breach but is also one of the most common outcomes of data theft. 31.7% of breach victims in 2016 later experienced identity fraud, compared to just 2.8% of individuals not notified of a data breach in 2016.


10. 28% of organizations say customer information or customer passwords are the information of greatest value to cyber criminals

According to a global survey on data breaches in 2018, cyber criminals targeting organizations seem to be the most interested in stealing customer information. 12% say it’s the companies’ financial information, while another 12% say their strategic plans are the top information cyber criminals are looking for. Other categories that rank slightly lower in terms of threat perception are R&D information, M&A information, and intellectual property.


11. 55% of businesses worldwide report an increase in online fraud-related losses between 2017 and 2018

Within the US, the cybercrime statistics are even more serious, with 80% of businesses saying their fraud-related losses have increased. These losses are predominantly related to account origination and account takeover attacks, both particularly damaging to brand reputation.


12. The number of consumer records exposed containing sensitive personally identifiable information in the US jumped by 126% from 2017 to 2018

According to the latest report from the Identity Theft Resource Center, while the number of data breaches in the US came down by 23% from the all-time high of 1,632 in 2017 to 1,244 in 2018, there was a rise in the severity of these breaches. As a result, the number of personal records exposed in 2018 rose up to 446,515,334 from 197,612,748 in 2017, which correlates to the expected increase in the number of identity theft victims in 2018. This does not include an additional 1.68 billion non-sensitive records exposed.


13. In the US, identity theft makes up 13% of all recorded criminal complaints

The high identity theft percentage makes it one of the biggest crime prevention issues in the US. The figure is believed to have risen in the last two years with cyber criminals getting more sophisticated and the number of touch points where personal information can be accessed increasing.


14. The 30-39 age group experiences the highest number of identity thefts