District residents and visitors might want to hold on to their wallets — and vigilantly protect their personal information.
A new study from the District-based personal finance website WalletHub found that D.C. has the most cases of identity theft and fraud in the nation.
California, Nevada, New Hampshire and South Carolina rounded counted as the other states with the most identity theft and fraud. Maryland ranked 25th overall while Virginia was 33rd on the list.
WalletHub officials noted that in recent years, many Americans’ personal information has become compromised by big data breaches. In 2019 alone, prominent companies such as WhatsApp, Quest Diagnostics, Microsoft, ASUS and Capital One have fallen victim to cybercriminals.
According to the Identity Theft Resource Center’s most recent Data Breach Report, between Jan. 1, 2005, and Aug. 31, 2019, there have been 10,818 breaches. That accounts for over 1.6 billion records compromised, according to WalletHub.
The federal government and various businesses in recent years have taken more aggressive measures to build up defenses. One big concern is not just hacking on the individual level, but cyberattacks by foreign governments to gain leverage.
The United States recently signed a new cybersecurity agreement, which condemns cyberattacks on civilian targets.
Despite this, criminal strategies continue to evolve and grow in sophistication, keeping consumers vulnerable to identity theft and fraud, according to WalletHub.
But some Americans are more susceptible than others to such crimes. To determine who is most likely to be exposed to and affected by identity theft and fraud, WalletHub compared the 50 states and the District of Columbia across 15 key metrics. Their data set ranges from identity theft complaints per capita to average loss amount due to fraud.
“Identity theft isn’t black and white,” said Frederick Scholl, a WalletHub expert and director of its cybersecurity program. “Your identity can be stolen over time, based on your own poor security practices.
“Identity information includes credit and debit card numbers, personal information, bank account numbers and health records,” said Scholl, also an associate teaching professor of cybersecurity at Quinnipiac University. “You should make sure not to click on questionable links, do not browse to sites you are not sure of, do patch software on your systems.”
There are numerous companies providing identity protection, and individuals can do most of what they provide on their own, said Hossein Sarrafzadeh, a St. Bonaventure University professor and chair of the university’s cybersecurity department, as well as director of its Western New York Cybersecurity Center.
“This can, however, take some effort,” Sarrafzadeh said. “In short, the biggest advantage in using third-party services is saving time.”
Identity theft services offer credit monitoring, identity monitoring, identity restoration and identity theft insurance, but they do not cover all threats such as medical identity and tax return fraud.
Although identity theft services are useful, they do not prevent fraud, Sarrafzadeh noted.
“If you decide to use such a service, you need to look at what they offer and if the offerings are what you need,” he said. “Government departments and private companies often offer individuals affected by a data breach complimentary identity theft services for five to 10 years in some cases.”
To view the full report, go to wallethub.com.