Identity theft is costing the British £4bn a year

Since 2013 over 140 million files have been compromised, consisting of documents, passports and bank statements.
16 August 2022

Identity theft are costing the brits £4bn a year. (Photo by CELSO JUNIOR / AE / AFP)

  • One of the most common motivations for data hacking is identity theft, and the latest data shows it accounts for 63% of all cases.
  • Across the UK, roughly 28 million data breaches are recorded each year.
  • The UK ranks fifth when it comes to national total data breaches, with over 140 million files stolen or breached since 2013, trailing only the USA, India, China, and South Korea.

Back in the days before the internet was ubiquitous, most identity theft took place when individuals physically walked from shop-to-shop using stolen personal details for a handful of reasons. Leap forward to today, and 63.1% of the world’s population is connected to the internet and when it comes to data sharing online, we know there is no putting the genie back in the bottle. Today, the internet is the key platform from which to launch fraud attacks, mainly due to the vast amount of personal information that can be harvested online.

The problem is, when an asset like personal data becomes this valuable, demand for it soars. It’s a very simple economic principle, but it is this very vector that opens up a multitude of threats.  Whether it’s stolen and sold to the highest bidder, held to ransom, or shared without consent with third parties, personal data is manipulated every second of every hour of every day. The growth in cybercrime-as-a-service (CaaS) is another example of how the internet has supported the evolution of identity theft through the trading of sophisticated fraud products via online marketplaces – including products such as bespoke phishing kits and ransomware services.

In the UK, new research has shown that data breaches driven by identity theft, since 2013, are costing the country nearly £4 billion every year, and a total of over 140 million files have been compromised in the same period, consisting of documents, passports and bank statements. Credas Technologies, an identity verification check provider, revealed that identity theft is the driving factor behind 28 million data breaches across the UK each year, which is estimated to cost the UK £3.7 billion on an annual basis. 

Fraud in the UK has surged by 22% in just the past year, with 226,000 ID fraud cases reported. In 2021 alone, the UK lost £2.5 billion in fraud and cyber-crime cases, with nearly half of Londoners saying the financial services sector was more vulnerable to fraud and scams than ever before. Credit card fraud has also surged with the UK called the “credit card fraud capital of Europe” by the Social Market Foundation. Brits also fall victim to scammers more than other European countries.

On a global level, it is estimated that there have been close to 10 billion digital data records stolen or breached since 2013. The UK ranks fifth when it comes to national total data breaches, with over 140 million files stolen or breached in this timeframe, trailing just the USA, India, China, and South Korea. 

“One of the most common motivations for data hacking is identity fraud, and the latest data from the National Fraud Database (NFD) shows this fraudulent practice accounts for 63% of all cases of fraudulent conduct. What’s more, cases of identity fraud across the UK have increased by 22% in the past year alone,” the report stated.

“All of the most important financial elements of our lives are now handled online. We have passwords and logins for everything from our current accounts to our pension pots and we also apply for new bank accounts, mortgages, rental properties and more online,” Credas Technologies CEO Tim Barnett explained. “While this brings great convenience, it also leaves you vulnerable to criminals and today, the lengths these criminals will go to are advancing at a faster rate than some businesses and organizations are improving their digital security,” he added. 

Tim said companies big and small need to make sure they’re doing all they can in the fight against online criminality, and while that starts with ensuring they have a robust and unbreachable technology infrastructure, it also involves verifying the identity of consumers before they have the opportunity to infiltrate our society. “This is really the absolute minimum that should be done, and with many companies choosing to do this manually, it allows far too many to slip through the cracks, enabling them to conduct criminal activities at ground level,” he said.