Your Data's Gone, But That Doesn't Necessarily Mean Fraud Will Follow - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
News

Your Data's Gone, But That Doesn't Necessarily Mean Fraud Will Follow

Less than 3% of all stolen data actually ends up being used to commit fraud, according to industry experts.

While fear of stolen customer data and identity fraud leave many IT and security executives tossing and turning at night, experts point out that data theft, while a very real concern, infrequently leads to identity theft and fraud.

While the theft of millions of cardholder records is indeed a problem, several security professionals throughout Visa's security summit pointed out that a small fraction of those cardholder records will actually be used to commit fraud. "Less than 3% of all stolen data actually ends up being used to commit fraud," says Bryan Sartin, VP of investigative response for security service provider Cybertrust.

It's a distinction that few consumers make. Javelin Strategy & Research Thursday released findings from a study indicating a strong relationship between a consumer's perception of a retailer's reputation for safeguarding card account data and the consumer's willingness to shop there. Based on the Javelin study, which surveyed 1,200 credit or debit cardholders in February, consumers believe retailers share an equal responsibility with banks, credit card companies, processors, and cardholders themselves for protecting their credit and debit card account information.

Retailers are perceived to be the weakest link in this chain, according to 63% of respondents. Even worse, whether or not the retailer is responsible for a data breach, 49% of respondents would judge the retailer as the most likely source of the compromise.

Yet identity fraud is leveling off. In fact, the total amount of fraud is on the decline in the United States, down over the past year from $55.7 billion to $49.3 billion. The average identity theft victim within the past year paid $587 out of pocket when a thief targeted an existing financial account or payment card. When a thief used the stolen identity information to open new accounts, the victim was set back $617 on average.

How a company responds to data theft is often more telling than the data theft itself. There are different sides--law enforcement, corporate legal counsel, company executives, and customers--who want data theft to be revealed publicly more or less quickly, depending on what's at stake for them, according to James Lee, senior VP and chief public and consumer affairs officer for ChoicePoint, the company most associated with data theft and loss in recent years. "Err on the side of the consumer, even though they aren't the only stakeholders," Lee said Thursday at Visa USA's security summit in Washington, D.C. ChoicePoint is a provider of information services, marketing, risk management, pre-employment screening, and background checks.

Regardless of how quickly you respond, "you are going to be sued," Lee quipped, adding, "You are going to meet many new and interesting friends who work for government agencies with three letters." The way to survive investigations subsequent to a breach is to provide as much information as possible.

In fact, Lee said the courts dismissed a number of consumer complaints against ChoicePoint in part because of the company's efforts to communicate the public.

"Tell people how you fixed it and then look for other problems before they happen," he said. "Embrace the horror and talk to your critics. Be patient, it's a long road from scoundrel to elder statesman, and one that takes years."

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Slideshows
7 Technologies You Need to Know for Artificial Intelligence
Jessica Davis, Senior Editor, Enterprise Apps,  7/1/2019
Commentary
A Practical Guide to DevOps: It's Not that Scary
Cathleen Gagne, Managing Editor, InformationWeek,  7/5/2019
News
Data Science Salary Survey Reveals Market Shift
Jessica Davis, Senior Editor, Enterprise Apps,  6/27/2019
Register for InformationWeek Newsletters
Video
Current Issue
A New World of IT Management in 2019
This IT Trend Report highlights how several years of developments in technology and business strategies have led to a subsequent wave of changes in the role of an IT organization, how CIOs and other IT leaders approach management, in addition to the jobs of many IT professionals up and down the org chart.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll