Identity fraud is rising in the United States, but the timing does not always line up with the breach behind it. Consumers lost $27.3 billion to traditional identity fraud in 2025, according to Javelin Strategy & Research's 2026 Identity Fraud Study. That followed a sharp 19% jump in 2024, when losses reached $27.2 billion.
FTC identity theft reports also climbed in 2025. Reports through the first nine months of the year had already topped the full-year total for 2024. The FTC received more than 1.1 million identity theft reports in 2024, according to the agency's Consumer Sentinel data.
The problem is that breach notices are becoming a regular part of life, even though the risks can last long after the notice arrives. The Identity Theft Resource Center logged a record 3,322 U.S. data compromises in 2025. In a separate consumer survey, the ITRC found that 80% of consumers received at least one breach notice in the previous 12 months. Among those consumers, 88% experienced at least one negative consequence afterward, including account takeover attempts.
Sign up for my FREE CyberGuy Report
5 MYTHS ABOUT IDENTITY THEFT THAT PUT YOUR DATA AT RISK
Stolen identity records often take time to turn into fraud. After a major breach, the data can move through criminal markets in stages. It may be sold to brokers, combined with information from earlier leaks and resold to fraud rings that build more complete identity profiles.
That means a Social Security number stolen in 2024 may not be used to open a fraudulent credit line or file a fake tax return until 2026 or later. By then, the free credit monitoring offered after the breach may have expired. The breach itself may also be long gone from the headlines.
UnitedHealth confirmed in January 2025 that about 190 million people were affected by the Change Healthcare breach. The incident exposed personal and health information, making it the largest known healthcare data breach in U.S. history. Affected consumers were offered two years of free credit monitoring and identity theft protection. The enrollment deadline was Aug. 26, 2025.
National Public Data, a background-check broker, was tied to a massive breach in 2024. Up to 2.9 billion records were reportedly exposed, though not all were unique or verified. The exposed information reportedly included Social Security numbers, addresses and relatives' information.
AT&T disclosed in July 2024 that hackers stole call and text records tied to about 109 million customer accounts. The stolen data included details about calls and texts, such as the numbers contacted and the timing of those communications, but not the content of the calls or messages. The incident involved data stored on a third-party cloud platform and was part of a wider Snowflake-linked campaign that also affected other companies.
HOSPICE FRAUD USES STOLEN IDENTITIES FOR FAKE PATIENTS
Stolen identity data can feed several types of fraud. Some of these scams take months or years to show up on a credit report, tax filing or insurance record.
Criminals combine a real Social Security number with a fake name and date of birth. They use that profile to open new credit lines, build trust and drain the accounts later.
Thieves use stolen Social Security numbers to file fake tax returns in someone else's name. Victims often find out only when their real return gets rejected.
Criminals use stolen personal or health insurance information to submit insurance claims for care the victim never received. Some victims do not notice until they get a bill, hit an insurance limit or see a collections notice.
Thieves open credit cards, auto loans or utility accounts using stolen identities. Victims may discover it only after checking their credit report.
Criminals use stolen usernames and passwords to break into your existing email, shopping, banking or financial accounts. They often use automated tools to test that same login information across multiple websites.
WHY A CREDIT FREEZE ISN'T THE END OF IDENTITY THEFT
After a breach, you are often told to freeze your credit, accept the free monitoring offer and watch your statements. Each step can help, but each one has limits. Free credit monitoring offered after a breach usually lasts one or two years. That can expire around the time stolen data starts to show up in new fraud attempts.
A credit freeze can block new accounts from being opened in your name. However, it will not stop every type of fraud. It does not prevent someone from filing a fake tax return with your Social Security number. It also does not stop fraudulent medical bills or takeover attempts on your existing accounts.
One-time dark web scans have limits, too. They show where your data appears at one point in time. They don't tell you where it may show up next. Once a Social Security number is in criminal markets, it can keep circulating.
If your information was exposed in a breach, these steps can help you lower your risk and catch suspicious activity sooner.
A credit freeze can help stop criminals from opening new credit cards, loans or other accounts in your name. You need to place a freeze with each of the three major credit bureaus: Equifax, Experian and TransUnion. You can temporarily lift the freeze when you need to apply for credit.
If you used the same password on more than one account, change it right away. Criminals often test stolen usernames and passwords across many websites. A password manager can help you create strong, unique passwords for every account.
Multifactor authentication adds another layer of protection beyond your password. Use an authenticator app or passkey where possible. Text codes are better than nothing, but stronger options can offer better protection against phishing.
Review bank statements, credit card charges, insurance claims and explanation of benefits statements. Look for accounts, charges, claims or services you do not recognize. Medical identity theft can be easy to miss until a bill or collections notice arrives.
Review your credit reports for new accounts or hard inquiries you do not recognize. You can check your reports for free at AnnualCreditReport.com. If you spot something suspicious, report it quickly and follow the dispute process with the credit bureau.
Paid identity theft protection services monitor your personal data on an ongoing basis. The goal is to shorten the time between when stolen data gets used and when you notice something is wrong.
Look for a service that monitors all three major credit bureaus, scans the dark web and alerts you to suspicious changes tied to your identity. Some services also monitor data broker sites, identity verification activity, home title records and financial accounts.
Three-bureau credit alerts can help catch new-account fraud. Dark web and data broker monitoring can help spot repackaged records. Account-change alerts can help flag takeover attempts. No service can undo the original breach, but ongoing monitoring can give you a better chance of catching suspicious activity early.
See my tips and best picks on Best Identity Theft Protection at CyberGuy.com.
A breach notice can feel like yesterday's problem once the headlines fade and the free monitoring runs out. But stolen personal data does not expire. Criminals can hold onto it, mix it with other leaked records and use it long after you have stopped thinking about the original breach. That is why identity protection needs to last longer than the breach notice. Freezing your credit, using strong passwords, turning on multifactor authentication and watching your accounts all help. But identity fraud is often a long game. The sooner you spot suspicious activity, the faster you can act before the damage spreads.
Should companies have to provide identity protection for as long as stolen data can be used against you? Let us know by writing to us at Cyberguy.com.
Sign up for my FREE CyberGuy Report
Copyright 2026 CyberGuy.com. All rights reserved.
