Data Breach Notifications: Victims Face Four Times Higher Risk of Fraud

Data Breach Notifications
Download Download Brochure
Purchase Report Purchase Report
Contact Us Have a question?? Call us at (925) 225-9100 ext. 2 or email us
View Cart View Cart


If a consumer gets a data breach notification letter, they are four times more likely to suffer identity fraud within the next year. Data breach notifications were intended to help consumers take protective action when their private data is exposed. But there seems to be a disconnect between data breach notifications and consumer understanding of possible outcomes of data breaches. New data shows that consumers who have received data breach notifications within the past year are at a much greater risk for fraud than the typical consumer. Yet, these same consumers rarely attribute the fraud to their data breach exposure. This report also contains an update of data breaches for 2009, implications of changes to the legislative landscape, and the technical means by which data breaches occur. Finally, a timeline of several of the recent, most egregious data breaches in U.S. history (including who, how, where and when) is included.

Primary Questions

  • Is there a link between data breach notification letters and identity fraud?
  • Are data breach notification letters working?
  • In the face of escalating data breaches, what should financial institutions and other companies do to protect brands and customer loyalty?
  • How do victims respond to breach notification, and how does this impact their relationship with their financial institution?
  • Are paper or electronic records most vulnerable?
  • How are criminals obtaining data records?


This report is mainly based on consumer data collected from Javelin’s annual Identity Fraud Survey. The survey is conducted each year using computer-assisted telephone interviewing (CATI) via random-digit dialing from 4,784 respondents in October 2008, 5,075 respondents in October 2007, and 5,000 respondents in October 2006. The surveys targeted respondents based on representative proportions of gender, age and income compared to the overall U.S. online population.

For questions answered by all 4,784 respondents, the maximum margin of sampling error is +/- 1.4% at the 95% confidence level.

For questions answered by all 487 identity fraud victims, the maximum margin of sampling error is +/- 4.4% at the 95% confidence level.

For questions answered by a proportion of all identity fraud victims, the maximum margin of sampling error varies and is greater than +/- 4.4% at the 95% confidence level.

Some data also came from, an open community research project that documents known and reported data loss incidents worldwide. This information was accessed at on Sept. 30, 2009 and was used to help compile figure 7.

Some data also came from the Identity Theft Resource Center, a non-profit organization that compiles information about public data breaches to help understand and prevent identity theft. This information was accessed at on Sept. 30, 2009 and was used to help compile figures 8-12.

Preview of Data Breach Notifications by , Robert Vamosi, Risk & Fraud Research Analyst

Companies Mentioned

7-Eleven Hannaford Payment Systems
America Online Heartland Payment Systems
Barnes and Noble J.C. Penny
BJ's Wholesale Club Lowe's Hardware
BNY Mellon OfficeMax
Boston Market RBS World Pay
CardSystems Target
Dai Nippon Printing TJX
Dave & Busters T-Mobile
DSW Shoes Verizon
Forever 21 Visa
GS Caltex Wal-Mart

{cms_selflink page='landpage-158' text='More Information'}

Download Sample Report

Please fill out form to receive a copy of our Data Breaches Brochure Sample Report.