Of the 16 million victims notified in 2012 that their payment card information was compromised in a data breach, more than 25 percent of them also suffered identity theft.
That is the finding of a new study, Data at Rest is Data at Risk: Confronting a Singular Threat to Three Major U.S. Industries conducted by Javelin Strategy & Research and commissioned by Identity Finder.
The newly-released report reveals that a disturbingly high rate of customers who received data breach notifications in 2012 were also victims of identity fraud. Javelin’s study also reveals payment card and Social Security number data breach victims suffer the highest rates of related fraud.
The study examines three high-risk industries: retail, financial and healthcare, and also provides best-practice advice for sensitive data management.
According to the study, retailers will remain prime targets for payment card breaches and fraud as long as payment cards remain a commonly accepted and popular payment method. Financial institutions will continue to be top targets because of large amounts of client data they store, including account information and payment card data.
“By breaching the data stores of businesses in the financial, healthcare and retail industries, criminals can obtain the fuel they need to execute various fraud schemes, and these crimes have crippling consequences,” said Al Pascual, senior analyst of security, risk and fraud at Javelin Strategy & Research.
“Identifying and protecting the sensitive information typically stored by these industries is essential for mitigating the risk of a data breach and, therefore, the risk of financial loss to data custodians, consumers and third-party businesses.”
To protect data-at-rest from compromise and subsequent misuse, Javelin recommends ongoing risk assessments for the financial industry, healthcare organizations (including their business associates) and retailers.
data breaches, identity theft, Javelin Strategy & Research, Identity Finder
