4iQ is a identity threat intelligence company that monitors the internet for identity records exposed in data breaches and accidental leaks. The latest 4iQ identity breach report indicates that between 2016 and 2017 there was a 182 percent increase in raw identity records discovered by its team.
The report, "Identities in the Wild: The Tsunami of Breached Identities Continues", reveals 4iQ's detection of over three billion identity records curated from 8.7 billion raw records in 2017. Extracted from that data, 4iQ analyzed the details of close to 3,000 breaches it discovered--which are within the reach of threat actors.
To make matters worse, identity thieves' tactics have become more sophisticated. Forbes recalls that, “in the 1982 sci-fi movie Blade Runner, Deckard, a hard-bitten ex-detective played by Harrison Ford, had to track down replicants — robots who were so lifelike that it was almost impossible to tell man from machine. In the coming years, bankers will need the equivalent of Deckards on their staffs as they deal with one of the most serious problems facing the financial community: synthetic identity fraud.”
It’s not a fictional concept anymore, however. Referred to as synthetic identity theft, this type of fraud differs from traditional identity theft in that the perpetrator creates a new synthetic identity instead of stealing an existing one. The process begins with searching for inactive Social Security numbers, which will typically lead to the Social Security numbers of children. Fake addresses are linked to the kids’ Social Security numbers and then over time a credit rating is built for these identities as products and services are purchased on credit. Forbes notes that the threat actors, “eventually rack up debts of $20,000 or more on countless accounts only to disappear without a trace. Synthetic identity fraud is costing banks billions of dollars and countless hours as they chase down people who don’t even exist.”
Personal data breaches are the second most common cybercrime, according to the latest annual FBI/IC3 cybercrime report. Corporate data breaches are lower on the list, but some commercial breaches have widespread reach, such as the Equifax breach. Recently, it was revealed just how extensive a breach it was. In addition to a huge amount of people impacted, the level of detail is alarming--addresses, dates of birth, social security numbers, genders, phone numbers, driver's license numbers, credit card numbers, tax ID, and the state of driver's licenses exposed.
A case in point is an eleven-year-old boy from Kansas whose Social Security number was used to rent a car and open bank accounts and credit cards in Wisconsin. His mother, Wiesje Sammis, said she recently received a perplexing call from a Milwaukee County detective who asked if her son had rented a car. “I was, of course, like, 'Ummm no, he's 11,’" she said.
Sammis said her son Terrelle Lewis's identity was stolen and his Social Security number was being used. "I think it's kind of shocking. That you can do that these days," Lewis said. Police were able to locate the culprit at a Walmart in West Milwaukee. When asked for ID he presented a fake driver's license and a Social Security card with Lewis's number on it.
The suspect had apparently also rented a car in January, but never returned it. He also opened up several credit card and bank accounts. Lewis's mother said police informed her of the likelihood her son's Social Security number was purchased online. She believes it was acquired during a data breach of his health insurance company four years ago. "'There's no way somebody could take a child's identity. There's just no way' is what I thought," Sammis said, upon recollection.
And, now she is concerned that others may have his Social Security Number, as well. "I think this will impact him long term," she said.
Parents (and others) who need assistance with an identity theft situation, can visit IdentityTheft.Gov which is administered by the Federal Trade Commission (FTC). A credit freeze can also be requested, to prevent new accounts from being opened up.