Identity Theft Check

Run a search to uncover what data may have been compromised

Hint: Enter an email you think might have been compromised.


What is Identity Theft?

Identity theft is commonly defined as someone stealing your personal information without permission. In law enforcement, however, the definition of identity theft is more complex. According to the Department of Justice, identity theft occurs when "someone wrongfully obtains and uses another person's personal data in a way that involves fraud or deception, typically for financial gain."

Although identity theft has long been a problem, the digital age has made it much easier for criminals to access your personal data. Today, people bank, shop and even keep their medical records online. Digital convenience has also given rise to a host of new security risks.

In 1998, Congress passed the Identity Theft and Assumption Deterrence Act, which made identity theft a new category of federal crime. All 50 states and Washington, D.C., also have identity theft laws on the books, but just over half have restitution provisions for victims of identity theft.

It's hard to undo the financial and personal damage of identity theft. A 2017 study by the Identity Theft Resource Center (ITRC) showed that 26% of identity theft victims had to borrow money from family or friends after a crime and 22% had to take time off work to deal with the aftermath. One-fourth of victims sought professional help from a doctor or therapist to deal with the emotional fallout of becoming a victim. Learning how to protect yourself from identity theft is important for everyone in the digital world we live in today.

How common is identity theft?

In 2017, an all-time high of 16.7 million Americans were victims of identity theft or identity fraud, which coincided with a record number of data breaches that year. While there was a 14% drop in victims of identity theft in 2018 (14.4 million), the financial burden was higher than in prior years.

In 2016, about 1 million victims suffered financial losses from identity theft; that number more than tripled (to 3.3 million) in 2018. The total financial loss in 2018 was nearly $1.5 billion, a $406 million increase from 2017.

Georgia had the highest number per capita of identity theft crimes, while Iowa had the lowest. About 25% of all identity theft victims are age 60 or over, while 50% are under age 50.

Identity Theft Reports by State

The District of Columbia and Puerto Rico are included in the table but are not ranked. States are ranked based on the number of reports per 100,000 populations. Population estimates are based on 2017 U.S. Census population estimates.

Source: Federal Trade Commission

Types of identity theft

Legally, identity theft is any crime in which someone steals your personal information, but the theft can happen in many different ways. If you're wondering where an identity thief can access your information, here's a list of the most common sources:

  • Data breaches: This happens when cybercriminals hack an organization's records and steal identifying information. In 2018, nearly 450 million records were stolen in corporate and government data breaches.
  • Unsafe browsing: Most well-known websites are safe, but if you share any personal data on unsecure websites, you're vulnerable to identity theft. Look for the "s" in the site's URL: "http" is unsecure, but sites starting with "https" are encrypted and secure. If you see signs of malware—such as persistent pop-up ads, unusual links or search engine warnings—exit the page.
  • Dark web sales: When hackers get your information from a data breach or other nefarious activity, they'll often try to sell it on the dark web. Normal browsers can't access the information hidden on the dark web, where cybercriminals typically buy and sell stolen data and use it to commit financial crimes.
  • Phishing: Hackers send emails or text messages that appear to be from legitimate organizations, such as banks and retailers, in an attempt to get you to enter your personal information. If you click a link or fill out a form, the fraudsters steal your information.
  • Physical attacks: Although the digital world is where most identity theft occurs, there are still old-fashioned criminals who look through trash and mailboxes to snag credit card offers, financial statements and other mail with your personal information. Device theft is another type of physical attack; thieves who steal your phone or laptop can gain access to your personal data.

Once an identity thief has your personal information, he can use it to commit any number of financial crimes. The five most common, according to the Federal Trade Commission are:

  1. New credit card account fraud: The cybercriminal uses your personal information to open new credit card accounts and run up charges.
  2. Identity fraud: This happens when someone impersonates you to buy things on your shopping accounts or uses your identity to commit insurance, social media or email fraud, for example.
  3. IRS identity theft: Tax identity fraud occurs when someone uses your stolen information to file a fake tax return and claim a refund.
  4. New mobile phone account: This occurs when someone uses your information to buy a cellphone and service plan.
  5. Existing credit card fraud: This happens when someone uses your credit card number to make fraudulent purchases.
Top Five Types of Identity Theft

(1) Consumers can report multiple types of identity theft. In 2018, 17 percent of identity theft reports included more than one type of identity theft.

(2) Includes online shopping and payment account fraud, email and social media fraud, and medical services, insurance and securities account fraud, and other identity theft.

Source: Insurance Information Institute

How to protect yourself from identity theft

It's hard to prevent identity theft if you're targeted by a sophisticated hacker, but there are steps you can take to minimize your risk:

  • Be careful with your physical information. Although cybercrime is responsible for a lot of identity theft, thieves still target Social Security cards, bank statements and credit card offers you get in the mail. Never carry your Social Security card with you, and only carry the credit or debit cards you use on a regular basis. Collect your mail every day and shred any sensitive documents before you throw them away.
  • Don't give personal information over the phone. Scammers pretend to be bill collectors, IRS tax representatives, Social Security Administration agents, or representatives of a bank or business to get you to give up your personal data. Legitimate callers will not ask you for your full Social Security number; they may ask you to confirm the last four digits of your SSN, for example, or repeat your account PIN or passphrase. If you're not sure whether you should pick up the phone, you can use a reverse phone lookup to try and get more information on the number before you decide.
  • Avoid suspicious links. Email and SMS smishing scams are on the rise, and fraudsters are getting better at impersonating legitimate businesses. In one study, 97% of consumers couldn't recognize a phishing attack. Don't click on links that ask you to complete a form or accept an offer. Use an email lookup service if you want to try and gain some more information when you're not sure the sender is legitimate.
  • Pay attention to cybersecurity. Create strong passwords for all your online accounts—and don't use the same one for every site. Make sure your virus and malware detection software is up to date. If you don't use a VPN, avoid visiting sensitive sites (your bank or credit card company, for example) when you're using public Wi-Fi. Use two-factor authentication (2FA) with any site that offers it. This security measure makes you verify your ID by entering a one-time code delivered by text to your phone or other device before you can access your account. Even if an identity thief has your account number and password, he won't be able to log in without the code.
  • Monitor your account statements and credit report. Check your financial statements carefully each month for unauthorized transactions—these may indicate a hacker has your information. Periodically review your credit report for new accounts opened in your name.

How to check for identity theft

Most consumers don't know their identity has been stolen until it's too late. Even if you're careful about reviewing your account statements and credit reports, any suspicious activity you find is evidence that identity theft has already occurred.

Identity monitoring is a service that scans the dark web for signs your personal information may have been stolen or compromised. If your data is exposed, you get an alert so you can take steps to prevent financial loss and damage to your reputation that can result from identity theft.

How can BeenVerified help?

BeenVerified's identity monitoring service scans the dark web, which can't be accessed from a regular browser, searching for signs your identity may have been compromised. You're notified if your data is detected on the dark web so you can take steps to prevent identity theft or minimize the damage.

Most people have no idea they've been a victim of a data breach—and no idea how to check if identity theft has occurred. In 2017, more than 158 million Social Security numbers and 14 million credit card numbers were exposed in data breaches; it's estimated that personal data affecting 40% of the U.S. population has been compromised by a data breach.

It's more important than ever to know how to better protect yourself from identity theft. BeenVerified's identity monitoring service shines a light on the dark web to help give you control over your personal information.

See what others have found