What’s in a Name?

What’s in a Name? When to Worry About Identity Theft

Sadly, identity theft has become a fact of daily life. Every time we turn on the news, we hear about breached companies, “compromised” records, and stolen personal information. But what does that all mean? What is identity theft and how do you know if, or when, it’s happening to you? ​

If thieves steal card numbers through a store’s credit card readers, as happened with Target several years ago, is that identity theft? If you find out you were part of a data breach, as so many of us were with the Equifax breach this year, does that mean your identity has been stolen? If a hospital suffers a ransomware attack, are the patients’ identities at risk? You need to know what’s what in order to protect yourself, so let’s talk about the definitions of identity theft.​

Identity theft is defined as “the fraudulent acquisition and use of a person’s private identifying information.” If someone misuses your personal identifying information for financial gain, to get medical services, for criminal activities, etc., that’s identity theft. But there are other events that lead to identity theft.​

• First, your information has to be exposed to people who could misuse it. This can happen through criminal activities such as “hacking,” (aka “cyber attacks), where thieves access an organization’s computer systems to steal data. It can also happen in accidental ways such as someone throwing mail or medical records in the trash or a business person losing a laptop with customer information on it.
• After your information is exposed, it may or may not be “breached”, as in accessed by unauthorized individuals. For example, receipts thrown in the trash might never be discovered, whereas data stolen by hackers is already in the wrong hands.
• Once personal information is breached, identity thieves may sell it on the Dark Web to others who exploit it or they may use it themselves. You become a victim of identity theft when someone misuses your identity for their own gain.

So, what about credit card fraud or ransomware? Credit card fraud is technically a type of identity theft: someone is pretending to be you and misusing your credit card. It’s the most common type of identity theft and one that’s easy to correct because you’re not legally responsible for fraudulent charges and it’s easy to cancel a credit card and order a new one.

Ransomware is software that locks an organization’s data or computer systems until a ransom is paid. Supposedly, the hackers don’t actually steal the personal information in those systems, but they are still criminals. There’s no guarantee they won’t misuse information after a ransom is paid.​

The takeaway here is that a data breach or lost laptop doesn’t necessarily make you a victim of ID theft. But all of these events are steps on the road to identity theft, so if your personal information has been exposed, you need to be prepared to protect yourself. ​