Data breaches put millions at risk each year. And while many victims are adults, it seems that no one is too young to become a victim of identity fraud. 

According to a new study by Javelin Strategy & Research, over 1 million US children had their identities stolen in 2017 - resulting in $2.6 billion in fraud, with families paying over $540 million out of pocket.

 Photo by  Hal Gatewood

Photo by Hal Gatewood

Even worse, these attacks can occur before children even become active internet users. 66 percent of child identity fraud victims are younger than eight years old. 

The study highlights the increasingly dangerous problem of identity theft involving children, which tends to be overlooked amid recent data breaches that have taken place on a global scale. The increased digitization of school, medical, and extracurricular records has made children more vulnerable than ever to identity fraud. 

According to the study, identities of minors are being “aggressively targeted.” Among households notified of a data breach involving a child, 39 percent fell victim to identity fraud. In comparison, only 19 percent of adults who were notified became fraud victims.

“Child identity fraud is a very real problem, but it is often overlooked with so much of the public's focus on recent breaches involving the personally identifiable information of adults,” the study notes. 

“To characterize it as an 'adult problem' is to overlook an extremely vulnerable population with minimal ability to protect itself without assistance.” 

Unlike adult victims, only 7 percent of whom personally know the identity thief, over 60 percent of child identity fraud victims know the perpetrator. In a third of all incidents recorded by Javelin, a family friend was responsible, while 18 percent of the fraud was committed by the parent’s spouse or partner.

“In some cases, a parent or guardian may use a child's identity to create an account that would allow the family to pay some bills.”, said Al Pascual, senior vice president of research at Javelin.

"And then there are cases where someone knows the child and the motivations are a bit less selfless," he added. "It could be the uncle with a criminal background who doesn't mind ripping off everyone, and he goes and opens new credit card accounts under the child's name and goes on a shopping spree in Las Vegas."

The study also found a “strong connection” between children who are bullied and those affected by fraud. Kids bullied online are nine times more likely to have their identities stolen, researchers found. 

“In many cases, fraud and bullying are not perpetrated by the same individual but arise from the same underlying vulnerabilities,” said Pascual. “Children who are unprepared to protect themselves from online risks are likely to encounter both individuals who wish to target them emotionally or financially. Bullied children may be more vulnerable to fraud as they are taken advantage of when they seek friendship online.”

It's key to take steps to prevent your child's identity from being compromised, and act quickly if you suspect a problem. Here are a few steps parents can take to prevent their child from falling victim to fraud: 

  • Keep data out of circulation. Don't overshare personal details, such as your child's Social Security number
  • Educate your children on protecting their identity from an early age by managing their online activity. 
  • Lock down documents. Keep any physical or digital sensitive information locked away behind a safe or password protected device.
  • Monitor accounts. Check your child's credit history to make sure they haven't been hit by fraud.
  • Freeze your child's credit if a threat has been detected to prevent new accounts from being opened. 
  • Pay special attention to children who may be bullied. They are more likely to be targeted and may be unprepared to protect themselves from financial targeting.
  • Take breach notifications seriously.  

Breadcrumb is a cybersecurity and executive advisory firm. Located in Central California, we partner with organizations throughout the US, protecting their critical assets from cyber breach. Contact us today for a no-obligation consultation.