Identity Theft and Credit Card Fraud Statistics for 2024

Many or all of the products here are from our partners that compensate us. It’s how we make money. But our editorial integrity ensures that our product ratings are not influenced by compensation. Terms may apply to offers listed on this page.

KEY POINTS

  • Identity theft rises in 2024: 842,000 cases of identity theft have been reported through the first three quarters of 2024, on pace to exceed reports in 2023.
  • Credit card fraud remains top concern: Credit card fraud was the most common type of identity theft over the first three quarters of 2024.
  • Identity theft by age: Americans 30 to 39 years old are most likely to fall victim to identity theft. Older and younger Americans are least likely.

The latest identity theft and credit card fraud statistics paint a bleak picture. There were 290,000 reported cases of identity theft and 117,000 cases of credit card fraud in the third quarter of 2024 alone.

Those have been the most common types of fraud since 2020, and reported cases have risen over the past year, according to data from the Federal Trade Commission (FTC)

Read on for a full report covering identity theft statistics, how these crimes have evolved, the demographics at the biggest risk, and much more.

Identity theft in the United States

842,000 cases of identity theft have been reported to the FTC through the first three quarters of 2024. At that rate, the number of identity theft cases for the full year will exceed the amount reported in 2023.

The identity theft statistics collected by the FTC are based on reports from consumers, so it's likely that there are many cases of identity fraud that go uncounted.

Identity theft reports in the United States

Year Identity Theft Reports
2019 650,000
2020 1,389,000
2021 1,434,000
2022 1,108,000
2023 1,037,000
2024, Q1-Q3 841,988
Data source: Federal Trade Commission (2024).

The rate of identity theft increased significantly from 2017 to 2021, growing from 371,000 reports to 1.4 million. While reports of identity theft have dropped after peaking in 2021, they remain well above pre-pandemic rates.

A line chart showing the number of cases of identity theft over time.

According to a report by Javelin Strategy & Research, identity theft cases resulted in losses of $23 billion in 2023, up from $20 billion in 2022.

The most common types of identity theft

Identity theft comes in many forms, credit card fraud is the most common. Roughly 327,000 cases of credit card fraud were reported to the FTC through the third quarter of 2024. That's up 3% from the same period in 2023.

Type of Identity Fraud Reported Cases, Q1-Q3 2024 Percent Change, Q1-Q3 2023
Credit card fraud 326,617 3%
Other identity theft 258,843 28%
Loan or lease fraud 130,330 13%
Bank fraud 86,035 (20%)
Employment or tax-related fraud 73,442 (1%)
Phone or utilities fraud 62,476 3%
Government documents or benefits fraud 54,678 (27%)
Data source: Federal Trade Commission (2024). Not all identity theft reports include the theft type or subtype.

Other identity theft, which includes schemes involving email and social media, insurance, medical services, online shopping, investing accounts, and more, was the second-most commonly reported type of fraud in the first three quarters of 2024 and saw the fastest growth from the previous period of any type of fraud. That increase has been driven by spikes in identity theft related to insurance and securities accounts

Reports of nearly every type of loan and lease fraud increased through the third quarter of 2024, including apartment or house rental fraud, auto loan and lease fraud, business and personal loan fraud, and real estate loan fraud.

Bank fraud, government documents or benefits fraud, and employment or tax-related fraud all decreased year over year.

Credit card fraud in the United States

Credit card fraud was the most common type of identity theft in the first three quarters of 2024, with 327,000 reported cases. That puts credit card fraud cases roughly on pace with the amount reported in 2023 and below the number of cases reported in 2022.

Credit card fraud reports by year

Year Credit Card Fraud Reports
2019 277,739
2020 399,721
2021 395,391
2022 448,459
2023 425,977
2024, Q1-Q3 326,617
Data source: Federal Trade Commission (2024).

From 2017 through 2019, credit card fraud was the most common type of identity theft, only to be overtaken by government documents and benefits fraud in 2020 and 2021 when scammers took advantage of pandemic-era government benefit programs.

Still, there was a 49% increase in reported cases of credit card fraud in 2020 compared to 2019. In 2023, there were 53% more reported cases of credit card fraud than in 2019.

Types of credit card fraud

There are two types of credit card fraud:

  • New account: An identity thief uses your information to open a credit card account in your name.
  • Existing account: An identity thief uses a credit card that you opened. This is usually done by stealing the credit card information.

New account fraud makes up 90% of all credit card fraud, although existing account fraud is on the rise.

Year Existing Account Fraud New Account Fraud
2019 31,044 246,695
2020 33,988 365,733
2021 32,283 363,108
2022 39,407 409,052
2023 44,855 381,122
2024, Q1-Q3 38,529 295,043
Data source: Federal Trade Commission (2024).

When considering how to avoid credit card fraud, preventing people from acquiring card information probably comes to mind. But the statistics show that it's actually far more likely for someone to open an entirely new account using stolen personal data than for fraud to occur via a stolen credit card.

Why is new account fraud the dominant type of credit card fraud? There are several explanations:

  • Existing account fraud has become more difficult. Because of credit card chip technology, the transaction process is more secure and it's harder for criminals to counterfeit credit cards.
  • Data breaches have exposed information for hundreds of millions of people. Identity thieves can use this information for new account fraud.
  • It's easier to steal money through new account fraud because it's an entirely new account that the consumer doesn't know about. With an existing account, the card issuer or the consumer may notice suspicious activity and lock the card in the event of an account takeover by identity thieves.

It's important to remember that individuals can dispute credit card charges with their credit card issuer if a card or information has been stolen. Creditors can then help remove fraudulent charges, which could impact credit reports down the line.

Fraud detection and prevention plus other consumer protections are huge advantages of using a credit card, of course -- in addition to the opportunity to increase your credit score. Motley Fool Money has a guide for how to apply for a credit card and get approved.

The growth of synthetic account fraud

Identity thieves are always developing new ways to steal money. A relatively new form of identity theft, called synthetic account fraud, is one of the fastest-growing financial crimes in the nation.

Synthetic fraud attempts have grown 184% from 2019 and 21% from 2022 to 2023, according to TransUnion. Synthetic identity fraud was up 153% from the second half of 2023 to the first half of 2024, the credit bureau found.

Synthetic account fraud involves a combination of real and fabricated information, such as a real Social Security number and a false name. The synthetic identity can be used to apply for credit cards, loans, and government benefits. Perpetrators often spend time building a good credit score with synthetic identities. Then, they max out an identity's credit and abandon its accounts.

The video game and communities industries are the most common targets for synthetic fraud, according to analysis from TransUnion. In the first half of 2024, 11.5% of online communities-related transactions (online dating and other online forums) and 11.4% of video game transactions were suspected to be fraudulent or attempts at fraud. In terms of volume, attempted communities fraud was up 22.3% and fraud via video games was down 6%

Digital Fraud Attempts by Industry Suspected Fraud Attempt Rate, H1 2024 Percent Change, Year Over Year Top Fraud Type
Retail 7.3% (61.1%) Promotion abuse
Video games 11.4% (6.3%) Scammer/solicitation
Telecommunications 2.4% (89.2%) Identity theft
Gaming (online gambling) 7.2% (9.2%) Promotion abuse
Financial services 4.6% (3.6%) Account takeover
Communities (online dating, forums, etc.) 11.5% 22.3% Profile misrepresentation
Travel and leisure 1.0% (33.2%) Credit card fraud
Insurance 1.8% (32.4%) Ghost broker
Logistics 2.9% 120.7% Shipping fraud
Data source: TransUnion (2024).

Among lenders, auto lenders are most exposed to synthetic fraud, with losses in the first half of 2024 totaling $2 billion. That's double that of bank credit cards and over 10 times more than retail credit cards and unsecured personal loans.

Lender Industry H1 2024 2023
Auto loans $2 billion $1.9 billion
Bank credit cards $1 billion $1 billion
Retail credit cards $121 million $138 million
Unsecured personal loans $52 million $55 million
Data source: TransUnion (2024).

Fraudsters target the auto industry because they view it as most profitable, according to Shai Cohen, the senior vice president and head of global fraud solutions at TransUnion. Using a synthetic identity, fraudsters can secure an auto loan for an expensive car, leaving an innocent victim and auto company on the hook.

Identity theft reports by age

Age Identity Theft Reports in 2024, Q1-Q3 Percent of Total Reports
19 and Under 17,559 2%
20 to 29 139,720 19%
30 to 39 214,276 29%
40 to 49 153,509 21%
50 to 59 102,055 14%
60 to 69 63,931 9%
70 to 79 28,006 4%
80 and over 7,340 1%
Data source: Federal Trade Commission (2024). Not all identity theft reports include the victim's age. Percent is among reports by age

Those in the 30 to 39 age range have recorded the most identity theft reports for years.

The youngest and oldest Americans report the fewest cases of identity theft. That doesn't necessarily mean they are less susceptible to identity theft -- instead it may suggest that they simply opt not to report, aren't aware that they can, or don't know how.

Here's a look at the most common types of identity fraud for each age group:

Age Most Common Type of Identity Theft Number of Reports, 2024 Q1-Q3 Percentage of Age's Total Identity Theft Reports
19 and under Employment or tax-related fraud 10,072 53%
20 to 29 Credit card fraud 59,872 36%
30 to 39 Credit card fraud 95,196 37%
40 to 49 Credit card fraud 65,208 35%
50 to 59 Credit card fraud 38,539 32%
60 to 69 Credit card fraud 21,051 28%
70 to 79 Credit card fraud 8,840 27%
80 and over Credit card fraud 2,205 25%
Data source: Federal Trade Commission (2024). Not all identity theft reports include the victim's age or theft type.

Identity theft by state

Here are the states with the most identity theft reports through the first three quarters of 2024:

  1. California: 120,307
  2. Texas: 100,766
  3. Florida: 97,992
  4. New York: 50,296
  5. Georgia: 50,001

Population sizes play a large role in which states have the most identity theft reports. Looking at each state's number of reports per 100,000 residents provides a clearer picture of where identity theft is more prevalent.

States ranked by identity theft reports per capita

A table and map showing identity theft by state.

Identity theft per capita declined in just seven states when comparing reports in the third quarter of 2024 vs. the same quarter in 2023:

  • Montana: -38%
  • Iowa: -32%
  • Utah: -22%
  • Rhode Island: -10%
  • South Dakota: -4%
  • Pennsylvania: -1%
  • Oregon: -1%

The states with the largest percent increases are:

  • Louisiana: +74%
  • Alabama: +54%
  • Arkansas: +54%
  • Texas: +48%
  • Florida: +42%

Not all identity theft reports filed to the FTC contain location information.

Top metropolitan areas for identity theft

The greater Miami metropolitan area and Atlanta metro posted the highest reported cases of identity theft per capita.

Some metro areas place higher per capita in terms of identity theft than where their state ranks. Examples include Tuscaloosa and Montgomery in Alabama, Philadelphia, Los Angeles, and a number of metro areas in the Carolinas that cover Charlotte, Columbia, and Charleston.

Data breaches

Data breaches are one of the ways criminals commit identity theft and credit card fraud. The hackers who steal information through data breaches often sell it on the dark web. Buyers then use the information for various types of fraud.

According to Nationwide, 58% of consumers are concerned about being a victim of cybercrime, but 69% don't have cyber insurance.

Cyber insurance can limit costs stemming from cybercrime and reduce the amount of time it takes to recover from cyberattacks.

The most cited reasons for consumers to not have cyber insurance are lack of knowledge about cyber insurance, not knowing cyber insurance is available to them, and thinking that coverage is too expensive, per Nationwide.

Obtaining cyber insurance may be wise. Sixty-nine percent of consumers don't feel prepared to recover from a cyberattack and 68% haven't thought about how they would respond, Nationwide found.

Data breaches by year

The number of data compromises jumped in 2023 to 3,205 from 1,801 in 2022. However, the number of individuals impacted fell by 17%, from 422 million to 352 million, according to The Identity Theft Resource Center.

Year Number of Data Compromises Number of Individuals Impacted
2016 1,104 2,541,581,891
2017 1,631 2,081,515,330
2018 1,280 2,231,245,353
2019 1,362 887,286,658
2020 1,108 300,562,519
2021 1,860 300,607,163
2022 1,801 422,212,090
2023 3,205 352,027,892
Data source: Identity Theft Resource Center (2024)

Why have there been more data compromises but fewer individuals impacted? The Identity Theft Resource Center reports that cybercriminals aim to acquire specific personal information that can be used for identity theft, fraud, and scams instead of more sprawling attacks.

Most data breaches occur via cyberattack, with phishing, ransomware, and malware being the most common tactics. Here's how each works:

  • Phishing is when a cybercriminal pretends to be a trusted entity so the target will click a link in an email, text message, or chat message.
  • Ransomware is a type of malware that threatens to release sensitive data if the target doesn't pay a ransom.
  • Other types of malware -- which can be inadvertently downloaded through fraudulent ads or other links -- can monitor computer activity and keystrokes, and steal personal information.

Causes of data breaches

Breach Type 2020 2021 2022 2023
Cyberattacks 878 1,613 1,595 2,365
Human and system errors 152 179 152 729
Physical attacks 78 51 46 53
Supply chain attacks - - - 242
Unknown - 12 10 -
Data source: Identity Theft Resource Center (2024).

There were four root causes of the over 3,000 data breaches in 2023:

  • Cyberattacks: Includes phishing, ransomware, malware, and unsecured cloud environments.
  • Human and system errors: Includes failure to configure cloud security, email or letter correspondence, and lost devices and documents.
  • Physical attacks: Includes device theft, document theft, improper disposal, and skimming devices.
  • Supply chain attacks: Occurs when the attacker compromises a smaller vendor to access information held by a larger company.

Cyberattacks are by far the most common cause of data breaches and impact the largest number of people overall. Human and system errors don't happen nearly as often, but when they do, they impact more people on average. A cyberattack in 2021 impacted an average 117,000 people, whereas each human and system error impacted about 586,000 people.

Types of data compromised

Type of Data Compromised Number of Breaches Containing Data in 2021 Number of Breaches Containing Data in 2022
Name 1,603 1,560
Full Social Security number 1,136 1,143
Date of birth 686 633
Current home address 681 565
Medical history/condition/treatment/diagnosis 464 465
Driver's license/State ID number 447 499
Bank account number 402 443
Medical insurance account number 361 370
Phone number 218 N/A
Payment card full number 211 N/A
Undisclosed records N/A 226
Medical provider account/record number N/A 196
Data source: Identity Theft Resource Center (2023).

There were dozens of different types of data compromised in 2022's data breaches. The table above includes the numbers for the types of data that are often used for identity theft.

Most data breaches included people's names, and over half of them included full Social Security numbers. Fortunately, fewer than 20% of data breaches contained bank account or payment card information.

A turbulent 2024 for identity theft and credit card fraud

The rate of identity theft grew through the first three quarters of 2024 compared to the same period in the previous year, and cases still remain significantly higher than pre-pandemic.

Credit card fraud, loan and lease fraud, phone and utilities fraud, and other types of identity theft are on the rise, while bank fraud, government documents and benefits fraud, and employment and tax-related fraud have declined.

Data compromises hit a record high in 2023, but impacted fewer people as cybercriminals change their tactics and continue to take aim at personal information instead of undertaking sweeping attacks.

While identity theft isn't as commonplace as it was during the height of the pandemic in late 2020 and early 2021, reports still remain above what was recorded in 2019.

To prevent identity theft, the FTC recommends securing personal information, whether it be in physical form or online, and being vigilant when someone asks for your Social Security number or other sensitive personal information.

Sources

Our Research Experts