Cybercriminals stole $16.8 billion worth of personal data in 2017

Radu Tyrsina
by Radu Tyrsina
CEO & Founder
1 Comments
Download PDF

personal data theft

Businesses’ efforts to combat fraud were not very successful in 2017 because it turns out that cybercriminals stole $16.8 billion personal data last year according to the latest researches.

A new identity study states that the number of victims increased by 8% in 2017 compared to 2016 and it reached 16.7 million people last year. This is, unfortunately, the highest number of victims since the phenomenon started to be measured about 15 years ago by the research company Javelin Strategy & Research.

Fraud is becoming more complex

Embedded chip cards made it possible for the fraud to shift online, so it went beyond physical stores. Fraudsters are becoming more and more adapted to the newest technologies, and they are continually improving their criminal techniques.

It seems that there’s a change in the way that fraud was committed last year because cybercriminals opened a massive number of intermediary accounts including e-commerce services on Amazon and email payments made via PayPal.

The main findings of the fraud-related research

data theft phishing

  • 35% Social Security numbers were compromised and 30% credit card numbers in breaches.
  • 64% of consumers were victims of identity fraud in 2017, and this means a million more compared to 2016.
  • Account takeover tripled over 2017 compared to 2016 and victims had to pay about $290 and spend around 16 hours to resolve the issues.
  • Cybercriminals are using more complex methods to devise monetization schemes.
  • Consumers are losing trust in institutions due to data breaches.

The Equifax data breach might be connected to the fraud

The same survey mentioned about says that the Equifax breach has something to do with what happened in 2017 – the fraud rose from 51% in 2016 to 69% in 2017. The Equifax breach is extremely dangerous for the victims because cybercriminals can use the stolen data to craft even more convincing campaigns for phishing. This is serious because phishing is blamed for 9 out of 10 data breaches.

Other severe examples of data breach are WannaCry contagion from May 2017 and GoldenEye/Petya a few months after that.

General Data Protection Regulation will be implemented shortly, and businesses all over the world should consider enhancing their IT security as soon as possible.

Speaking of improving security, check out the following articles to learn how you can protect your online privacy:

  • Identity fraud, card fraud and cybercrime are growing so fast ONLY because we rely on unreliable signature, PIN and password systems to conclude our transactions. These crimes will be STAMPED OUT forever only if we make all these three systems RELIABLE and FOOL PROOF as described below. It is as simple as that.

    Smart electronic and digital systems are failing to deter fraud and cybercrime because none of them make signature, PIN and password systems reliable and fool proof. In reality these systems make bad problems worse by 1) diverting crimes to other sectors and 2) provide criminals new loopholes to take advantage of.

    Signature system is unreliable because in the event of crime signature does not even expose fraudster’s gender. We should have realised this serious mistake years ago. To make signature reliable all we have to do is to apply our ID sticker (supplied by financial institutions with our photo, name and their logo printed on it to the document and countersign. This system will make signature system reliable because in the event of crime it will expose fraudster’s identity (photo and traces of thumbprint). Oh Current signature system is like passports without photos and that is why it is so difficult to deter and prosecute fraudsters.

    PIN system is unreliable because fraudsters have options to pick them. We should have realised this serious mistake years ago. To make PIN reliable all we have to do is to store PIN on key size thumbprint activated memory stick. This will act like contactless card but reliable because of activation only by thumbprint. Call this electronic pin EPIN. We also have option to change EPIN to different value after each transaction. Fraudsters will not get tempted to do card fraud at retail outlets, ATMs and even online card payment because they will not be able to pick our EPIN the way they pick our PIN. Unlike other bulky devices like mobile phones, these ID key will be safe in our pocket with other keys and so it will not get stolen or damaged. In realty these ID smart key could replace plastic cards and even passports in future.

    Password system is unreliable because hackers have options to pick our passwords from our computers, mobile phones etc. We should have realised this serious mistake years ago. If we use our EPIN from memory stick as password then cybercriminals will not be able to pick them the way they do pick our current passwords. Use of EPIN to validate online card payment will combat online card payment fraud too.

    Protecting the public from becoming victims of these criminals is the responsibility of any government.

    If you agree that banks should implement these systems then please forward this information to your banks.

    Thank you.