Despite a proliferation of laws in recent years requiring companies to alert customers about data breaches, most individuals find out that they are victims of ID theft on their own, according to newly-published data from the Federal Trade Commission.
Among, 5,000 adults surveyed, 3.7 percent said their identities had been stolen. Among these victims, 66 percent found out by taking matters into their own hands. For instance, 26 percent found out by monitoring their own accounts. Another 18 percent said they learned when they received a bill. Other respondents said they were alerted through credit monitoring services, reviewing credit reports or applying for credit, a job and/or benefits.
Only 15 percent listed notification by a company as a means of finding out their identities had been stolen (11 found out some other, unspecified way).
A subset of the respondents were asked if they ever been notified about a data breach by the business involved, whether they were an ID-theft victim or not. Among 1,500 people who were asked the question, less than 10 percent said a company had ever told them about a data breach.
The survey was conducted by Synovate, a market research company, in 2006. A California law requiring companies to notify customers of any data breaches was enacted in 2003, and since then, 30 other states have passed data breach notification laws.