A report by Carnegie Mellon's CyLab has found that identity theft is a growing concern for children. In a scan of 42,000 US child IDs, CyLab found that more than 10 per cent of kids had someone else using their Social Security number.
Why are kids such a good target? Parents aren't paying attention. However, parents should pay attention, since CyLab found that children had a 51 per cent higher attack rate than adults. The problem is likely to get worse as more kids go online at a younger age.
CyLab scanned more than 42,000 child IDs by identify protection company Debix and found that:
- 4311, or 10 per cent of children, had someone else use their Social Security numbers;
- these IDs were used to buy homes, cars and open credit lines;
- the largest fraud was US$725,000 against a 16-year-old girl;
- the youngest victim was five-months-old and 303 victims were under five; and
- there were 1767 cases where a child's Social Security Numbers were found in utility records.
CyLab noted that the report isn't scientific. It's not aimed to project total child identity theft incidents. What the report aims to do is highlight the issue. The upshot is that children are good targets for identity thieves.
From the report:
This child identity theft report is not based on survey results. It is based on identity protection scans on 42,232 children (age 18 and under) in the US during 2009 to 2010. This pool of 42,232 child identities includes everyone under 18 in a database of over 800,000 identity records.
The participants were enrolled in the Debix AllClear ID Protection Network after receiving notice that their personal information may have been compromised during a data breach. Excluded from this report were children and adults who were affected by data breaches that resulted in targeted attacks against the population.
Note: The attacks do not appear related to the data breach events. For example, 78 per cent of the child attacks occurred prior to the data breach events. Moreover, the attack rate for the adults affected by these same data breaches is very low at 0.2 per cent — below the national average of one per cent for the general population (Source: Javelin 2010).
The report's author, Richard Power, concluded:
Although the data's statistical significance is yet to be determined, it is certainly profoundly significant on a practical, human level to the thousands of children and families who have thus been victimised. Furthermore, from my perspective, having tracked the evolution of cyber crime over two decades, it is only common sense to surmise that the problem goes beyond those breached accounts included in this report, and that there are many thousands more children and their families at risk.
There's also a passage in the report from Allessandro Acquisti, a Carnegie Mellon researcher, who discovered that it's easy to cull Social Security numbers from public data. In fact, it's easier to get Social Security numbers from people born after the 1990s. The child identity theft and the vulnerability of Social Security numbers could be a dangerous combination.
Via ZDNet US