Introduction
Identity Theft Statistics: Identity theft has become one of the fastest-growing cybercrimes in the digital economy. The increasing number of online financial services, government systems, and personal communications has led criminals to target personal data, which includes Social Security numbers, bank credentials, login passwords, and biometric identifiers. Identity theft occurs when attackers illegally obtain and use this information to commit fraud, open financial accounts, steal funds, or access services in someone else’s name.
The global identity theft problem continued to grow throughout 2025 as digital ecosystems expanded, and data breaches became more common, and advanced fraud techniques will emerge, which include artificial intelligence-powered scams and social engineering attacks. Research shows that identity fraud now costs billions of dollars every year, while it impacts millions of victims throughout the world.
Editor’s Choice
- The Identity Theft Resource Center reported 1.35 billion victim notifications from data compromises in the U.S. during 2024.
- The Federal Bureau of Investigation Internet Crime Report recorded 859,532 cybercrime complaints in 2024.
- The Federal Trade Commission Consumer Sentinel Network received 6.47 million complaints in 2024, with 18% linked to identity theft.
- 64% of identity theft victims lack identity theft protection services, which increases their chances of becoming fraud victims.
- Approximately 30% of Americans have experienced a corporate data breach, which shows that data exposure occurs on a widespread basis.
- The identity theft protection services market is expected to grow from USD 12.5 billion in 2023 to USD 34.7 billion by 2032, with a 12.4% CAGR.
- 503,450 credit card fraud cases were reported between Q1 and Q3 2025, which shows a 54% increase when compared to the previous year.
- Loan or lease fraud reached 178,210 cases, showing 37% annual growth in financial identity fraud.
- The United States recorded 3,322 data breaches in 2025, which exposed the personal information of 278.83 million people.
- The 40 to 49 age group contains people who experience the highest identity theft risk because they have 168.14 cases per 100,000 people.
- Total U.S. identity fraud losses reached USD 47 billion in 2024, which continues to increase after reaching USD 38 billion in 2022.
- Phishing scams generated 193,407 complaints, which makes them the most frequently reported cybercrime attack vector.
General Identity Theft Statistics
- The Identity Theft Resource Center 2024 Annual Data Breach Report states that the United States experienced its second-highest data compromise total since 2005.
- Five major breaches alone exposed between 100 million and 560 million individuals each, which accounted for 83% of the 1.35 billion victim notifications issued, demonstrating the massive scale of personal data exposure and cybersecurity failures.
- Cyber fraud attacks have become more financially damaging because complaints declined 2.4% year-over-year while financial losses increased from USD 12.5 billion in 2023 to USD 16.6 billion.
- The Federal Trade Commission Consumer Sentinel Network reported 6.47 million complaints during 2024, with 40% of those complaints linked to fraud and 18% of the complaints connected to identity theft.
- Identity theft cases showed credit card fraud as the main cause, which accounted for 43.9% of the total cases, and showed miscellaneous fraud as the second most common cause, which included e-commerce and social media scams.
- The existing situation shows that consumer protection against identity theft remains inadequate because 64 % of identity theft victims do not have identity theft protection, while 44 % of victims choose to take legal action after experiencing fraud.
- Surveys from U.S. News & World Report indicate that around 30% of Americans have experienced a corporate data breach, which causes over 300000 people to fall victim to phishing attacks every year.
Identity Theft Protection Services Market Size
(Source: market.us)
- According to market.us, the identity theft protection services market is experiencing strong growth because of increasing demands for cybersecurity solutions, digital trust systems, and personal data security measures.
- The market is projected to grow from USD 12.5 billion in 2023 to approximately USD 34.7 billion by 2032, registering a robust compound annual growth rate (CAGR) of 12.4% between 2024 and 2033.
- The rapid growth of these sectors results from the rising incidents of identity fraud, data breaches, phishing attacks, and financial cybercrime activities that target both consumers and businesses.
- Organizations around the world are increasing their investments in identity monitoring, fraud detection, credit monitoring, and identity restoration services because of the global rise in digital transactions and online identity use.
- The rising regulatory requirements for data privacy compliance and cybersecurity framework implementation are driving faster adoption of solutions.
| Type of Identity Fraud | Reported Cases, 2025 Q1-Q3 | Year-Over-Year Percent Change |
| Credit card fraud | 503,450 | 54% |
| Other identity theft | 379,898 | 47% |
| Loan or lease fraud | 178,210 | 37% |
| Bank fraud | 96,522 | 12% |
| Employment or tax-related fraud | 74,171 | 1% |
| Phone or utilities fraud | 67,675 | 8% |
| Government documents or benefits fraud | 57,360 | 5% |
(Source: fool.com)
- The Federal Trade Commission (2025) report shows that financial fraud, digital identity theft, and cybercrime have increased, which demonstrates the urgent requirement for improved identity protection services and cybersecurity systems throughout financial networks.
- Credit card fraud dominance exists because 503,450 cases of the crime were reported from Q1 to Q3 of 2025, which shows a 54% increase from the previous year.
- Fraudulent activities have become more advanced because they now target online payment systems, digital banking platforms, and e-commerce websites.
- The category labelled “other identity theft”, Credit card fraud remained the dominant threat, with 503,450 cases reported, which showed 47% growth from the previous year, showing that personal data misuse, account takeovers, and digital identity manipulation have become more dangerous.
- Loan or lease fraud reached 178,210 cases, which showed a 37% increase because criminals now target credit approval systems and financial lending platforms.
- Bank fraud cases increased to 96,522 with a 12% rise, while phone and utilities fraud cases reached 67,675, which showed an 8% increase because telecom-related identity scams have spread.
- The two fraud categories that show lower growth rates include employment or tax-related fraud, which exists at 74,171 cases, and government benefits fraud, which exists at 57,360 cases.
U.S Identity Theft Reports
| Year | Identity Theft Reports |
| 2019 | 650,000 |
| 2020 | 1,388,532 |
| 2021 | 1,434,477 |
| 2,022 | 1,107,004 |
| 2,023 | 1,036,855 |
| 2024 | 1,135,291 |
| 2025 Q1-Q3 | 1,157,317 |
(Source: fool.com)
- The Federal Trade Commission data reveal that identity theft cases, digital fraud incidents, and cybersecurity attacks have increased dramatically throughout the United States during the last few years.
- In 2019, the country recorded 650,000 identity theft reports, but the situation escalated sharply in 2020, when cases jumped to 1,388,532, more than doubling within a year as digital transactions and online services expanded rapidly.
- The upward trend continued in 2021, reaching 1,434,477 reports, which created one of the highest levels of identity fraud and personal data misuse that researchers have ever documented.
- The number of reports decreased in 2022 to 1,107,004 and in 2023 to 1,036,855, but the current numbers still exceed the levels from before the pandemic because organizations continue to face cybersecurity weaknesses and data privacy challenges.
- In 2024, identity theft reports rose again to 1,135,291, while 2025 Q1–Q3 alone recorded 1,157,317 cases, which indicates that the total for the entire year will probably surpass previous totals.
Age-Based Identity Fraud Risk
| Age Group | Reports/100K | Median Loss | Risk Level | Key Vulnerability |
| 40-49 | 168.14 | $432 | Highest Combined | Peak earning years, high targeting |
| 30-39 | 166.60 | $375 | High | High volume, moderate losses |
| 20-29 | 150.84 | $322 | High | Payment app fraud, job scams |
| 70-79 | 149.51 | $1,000 | Moderate | Investment scams |
| 60-69 | 138.07 | $638 | Moderate | Investment scams ($501.8M lost) |
| 50-59 | 132.76 | $500 | Moderate | Romance scams & investment scams |
| 80+ | 77.30 | $1,964 | High (Loss Severity) | Highest median loss, government imposters |
| 19 & Under | 21.83 | $150 | Low | Lowest risk, but still vulnerable |
(Source: omniwatch.com)
- The data on identity theft demonstrates that cyber fraud risk displays different patterns across various age groups, which depend on their income levels, their digital usage, and their time spent on financial services.
- The 40 to 49 age group has the highest total risk because they experience 168.14 cases per 100000 people, which leads to a median loss of USD 432 because their high incomes attract more cybercriminals.
- The 30 to 39 age group shows a rate of 166.6 reports per 100000 people, which results in a median loss of USD 375 because they use online banking, e-commerce, and digital payment systems excessively, which creates a greater danger of identity theft and financial fraud.
- Younger adults 20 to 29 display 150.84 reports per 100000 and a USD 322 median loss, which usually occur because of payment app fraud, job scams, and social engineering attacks.
- The number of incidents decreases for older adults, but they experience greater financial losses. The 80+ age group reports the highest median loss at USD 1,964, which results from government imposter scams and financial manipulation.
- The 19 and under group shows the lowest risk level with 21.83 cases per 100,000, but they still face risks from digital identity theft and online fraud.
Number Of Data Compromises And Impacted Individuals In The U.S.
(Source: statista.com)
- The latest data published by Statista highlights the growing scale of data breaches, cybersecurity incidents, and digital privacy risks in the United States.
- The country experienced 3,322 data compromise cases in 2025, which affected more than 278.83 million individuals, thus demonstrating the critical requirement for improved data protection and digital trust frameworks.
- The term data compromise describes three types of incidents, which include data breaches, data leaks, and unauthorized data exposure that result in cybercriminals or unauthorized threat actors accessing sensitive personal or financial information. Such incidents increase risks related to identity theft, financial fraud, and personal data misuse.
- Certain industries remain significantly more vulnerable because they handle large quantities of sensitive data, which they maintain across their operations.
- Financial services, healthcare, and professional services sectors experience the highest number of cybersecurity breaches because these industries handle critical financial data, medical records, and proprietary company information.
- Healthcare organizations have experienced a continuous rise in data breaches, which demonstrates the increasing difficulty of safeguarding patient information and electronic health systems and medical databases from digital threats.
Shifting Cybersecurity Behaviors Among U.S. Consumers After Identity Theft Incidents
(Reference: statista.com)
- The data shows how U.S. consumers’ cybersecurity practices changed after they experienced identity theft, which demonstrates their digital security progress and their new digital security knowledge gaps.
- The 2024 survey results show that 63% of respondents created long, unique passwords that they used for all their accounts, an increase from 50% in 2023, which indicates stronger adoption of password security practices.
- The percentage of users who restrict their social media posts decreased from 57% in 2023 to 47% in 2024, and the percentage of users who refuse to share information through phone calls dropped from 43% to 38%.
- The percentage of people who limit their social media post visibility declined from 48% to 43%, and the percentage of people who use instant payment services as their only transaction method decreased from 41% to 37%.
- The percentage of people who avoid clicking on suspicious email links remained constant between 53% in 2023 and 52% in 2024.
- The statistics demonstrate that consumers have increased their password management efforts, while their online privacy and identity protection measures show decreasing effectiveness.
Digital Fraud Trends Across Industries
- The TransUnion 2024 report shows that digital fraud, identity theft, and online scam operations show different patterns of activity across various business sectors.
- Cybercriminals use these trends to attack businesses that handle large transaction volumes and possess critical customer information, and utilize electronic payment systems. (TransUnion’s 2024 State of Omnichannel Fraud Report)
- Online communities and social platforms report the highest suspected fraud attempt rate at 11.5%, with a 22.3% year-over-year increase, mainly driven by profile misrepresentation, romance scams, and social engineering fraud.
- The video gaming industry comes next with an 11.4% fraud attempt rate because digital gaming ecosystems face ongoing threats from scam solicitation and in-game fraud operations.
U.S. Identity Theft Hotspots States
| Rank | State | Reports per 100K: Y2D 2025 (vs 2024) | # of Reports (2024) | Regional Pattern |
| 1 | Florida | 617 (vs 528) | 115,840 | South |
| 2 | Georgia | 585 (vs 517) | 55,955 | South |
| 3 | Nevada | 461 (vs 466) | 14,631 | West |
| 4 | Texas | 434 (vs 393) | 116,484 | South |
| 5 (⇡3) | Louisiana | 405 (vs 346) | 15,991 | South |
| 6 (⇡3) | Illinois | 401 (vs 339) | 43,028 | Midwest |
| 7 (⇣2) | Delaware | 390 (vs 392) | 3,942 | Northeast |
| 8 (⇣1) | California | 345 (vs 356) | 139,665 | West |
| 9 (⇡1) | Maryland | 345 (vs 324) | 19,990 | Northeast |
| 10 (⇡7) | Mississippi | 344 (vs 268) | 7,903 | South |
| 11 (⇡2) | South Carolina | 334 (vs 291) | 15,146 | South |
| 12 (⇣1) | New Jersey | 318 (vs 313) | 29,037 | Northeast |
| 13 (⇡3) | Alabama | 314 (vs 269) | 13,596 | South |
| 14 (⇡5) | North Carolina | 297 (vs 260) | 27,468 | South |
| 15 (⇣1) | New York | 297 (vs 295) | 58,692 | Northeast |
(Source: omniwatch.com)
- The most recent identity theft statistics demonstrate specific regional patterns that show how cybercrime, identity fraud, and financial data theft activities occur throughout the United States.
- The citizenry of particular states demonstrates elevated identity theft incidents, which reach 100,000 residents, thus proving their fraudulent activities target specific security weaknesses.
- Florida, which provided 617 identity theft cases per 100,000 residents for 2025, experienced a rise from its 2024 total of 528 cases, while 115,840 identity fraud reports were generated during that period.
- The state became a major target for internet-based identity theft and digital fraud because its people conduct extensive online banking activities, while its economy depends heavily on tourism.
- Georgia follows with 585 cases per 100 000 residents, totaling 55 955 reports, while Texas ranks fourth with 434 cases per 100 000 residents and 116 484 total incidents, reinforcing the Southern region as the most affected identity theft hotspot.
- The Western states present significant criminal activity. Nevada records 461 reports per 100 000 residents, while California reports 345 per 100 000, though the state still leads in absolute case volume with 139 665 reports due to its large population.
- Mississippi (344 cases per 100K) and North Carolina (297 cases per 100K) both show rapid growth in identity theft risk because they experienced sharp increases in their respective identity theft rates. The states show sharp upward movement because their identity theft cases rise at an extreme rate.
The Financial Toll – Average Out-of-Pocket Costs And Resolution Time
| Financial and time dimension | 2022 baseline | 2023 figure | 2024 figure | Trend and context |
| Total U.S. identity fraud and scam losses | USD 38 billion (Javelin). | USD 43 billion. | USD 47 billion dollars. | Steady annual increases driven by larger per‑capita payouts and expanding digital attack surfaces. |
| Average out‑of‑pocket victim expense | USD 119. | USD 202 (up 70%). | USD 214 (up 6% YoY, 80% vs. 2022). | Rising legal, postage, and unreimbursed‑debt costs as fraud complexity grows. |
| Average hours to resolve fraud | 6 hours. | Nearly 10 hours.javelinstrategy+1 | Not yet published for 2024; complex cases still range 10–200+ hours. | Skyrocketing resolution time reflects more accounts per consumer and longer institutional hold times. |
| IRS identity‑theft case processing time | 399 days (FY 2022). | 556 days (FY 2023). | 676 days (FY 2024); improving to ~506 days in FY 2025. | Tax‑related ID theft imposes the longest resolution timelines of any fraud type. |
| Distribution of victim losses (2024) | — | — | 31% lost <USD 500; 18% lost USD 1K–USD 5K; 12% lost >USD 10K. | More than 1 in 10 victims face five‑figure losses, far exceeding the USD 214 average out‑of‑pocket figure. |
| Victims contemplating suicide | ~2–3% (25 years ago). | 16% (2023). | Not yet updated. | The emotional toll has escalated dramatically, reframing identity theft as a public‑health concern. |
Primary Attack Vectors: How Identity Thieves Make Contact
| Attack vector/contact method | 2024 IC3 complaints or FTC‑reported losses | Key trend or risk factor |
| Phishing/spoofing (email‑based) | The Federal Trade Commission reports that scammer contact through email constitutes the most common method, according to 193407 IC3 complaints, which rank as the most reported crime type. | The entry point for 83 % of total IC3 dollar losses, which amounts to USD 13.6 billion through cyber‑enabled fraud, operates as an entry point that now serves criminal organizations to obtain user credentials, which they need to conduct BEC scams. |
| Smishing (SMS phishing) | The monthly SMS scam reports at Barclays show a 40 % annual growth rate, which results in 39 to 45 % of all mobile dangers while users click on links between 19 and 36 % of the time. | The victim engagement rates from fake toll notices, parcel jeopardy texts and tax season scams, which operate as email phishing attacks, show higher engagement as their click-through rates reach 2 to 4 %. |
| Social media (malicious links, fake ads, impersonation) | The Federal Trade Commission reported losses of USD 1.9 billion, while 70 % of social media contact victims lost money, and 58 % of Gen Z scam reports arose from social media platforms. | The victim engagement rates from fake toll notices, parcel jeopardy texts, and tax season scams, which operate as email phishing attacks, show higher engagement as their click-through rates reach 2 to 4 %. |
| AI voice cloning/vishing | Cybercriminals caused seniors over 60 years old to lose USD 4.9 billion in 2024, which represents a 43 % yearly growth. The majority of older adults express anxiety about AI voice cloning technology, which 84 % of them report. 53,369 call center scam complaints. | A voice can be reproduced through audio, which lasts only seconds. The “grandparent scam” targets elderly victims, who police forces brought to their first arrest, which is estimated to achieve 215 arrests through combined FBI-CBI operations during 2024. |
| Personal data breaches (third‑party) | IC3 received 64882 complaints, which represent the third most common reported crime. | The contact method that results in the most financial losses, according to FTC data, shows that fraudulent posts, fake investment offers and romance scams reach their highest volume through automated systems, which extend their distribution. |
| SIM swapping | The number of IC3 complaints in 2024 reached 982, which represents a decrease from 1075 complaints in 2023 but an increase from 2026 complaints in 2022. | The system allows 2FA code interception to occur, which functions as an escalatory method that occurs after attackers successfully execute their initial phishing or smishing attacks. |
Conclusion
Identity theft remains one of the most significant cybersecurity threats in 2025. With millions of reported cases and financial losses reaching tens of billions of dollars each year, the crime continues to expand alongside digital transformation. Credit card fraud, loan fraud, and account takeovers are the most common forms, while emerging technologies such as artificial intelligence are making attacks more sophisticated.
Addressing identity theft requires a multi-layered approach involving stronger cybersecurity frameworks, improved digital identity verification systems, public awareness, and global cooperation among governments and technology companies. As digital economies continue to grow, protecting personal identity data will become a critical priority for individuals, businesses, and policymakers worldwide.
FAQ
What does identity theft involve?
Criminals commit identity theft by stealing personal information, which includes Social Security numbers, bank details and login credentials to perform fraudulent activities.
How common is identity theft in the United States?
The U.S. recorded more than 1.1 million identity theft cases in 2024, which resulted in numerous fraud-related complaints throughout the year.
What is the most common type of identity theft?
Credit card fraud represents the primary form of identity theft, which occurs in approximately 43.9% of all theft incidents.
How much money is lost to identity fraud each year?
The total identity fraud and scam losses in the U.S. reached approximately USD 47 billion during 2024.
Which age group is most vulnerable to identity theft?
Adults between 40 and 49 years old experience the highest identity theft risk, with 168.14 cases occurring per 100000 individuals.
Add Bayelsa Watch as a Preferred Source on Google for instant updates!
Sources
