Why last year’s breach is this year’s identity fraud

Why last year's breach is this year's identity fraud

How stolen personal data can turn into fraud long after a breach fades from the headlines

close Video

Fox News Flash top headlines for May 10

Fox News Flash top headlines are here. Check out what's clicking on FoxNews.com.

Identity fraud is rising in the United States, but the timing does not always line up with the breach behind it. Consumers lost $27.3 billion to traditional identity fraud in 2025, according to Javelin Strategy & Research's 2026 Identity Fraud Study. That followed a sharp 19% jump in 2024, when losses reached $27.2 billion.

FTC identity theft reports also climbed in 2025. Reports through the first nine months of the year had already topped the full-year total for 2024. The FTC received more than 1.1 million identity theft reports in 2024, according to the agency's Consumer Sentinel data.

The problem is that breach notices are becoming a regular part of life, even though the risks can last long after the notice arrives. The Identity Theft Resource Center logged a record 3,322 U.S. data compromises in 2025. In a separate consumer survey, the ITRC found that 80% of consumers received at least one breach notice in the previous 12 months. Among those consumers, 88% experienced at least one negative consequence afterward, including account takeover attempts.

Sign up for my FREE CyberGuy Report

• Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
• For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
• Plus, you'll get instant access to my Ultimate Scam Survival Guide free when you join.

5 MYTHS ABOUT IDENTITY THEFT THAT PUT YOUR DATA AT RISK

Data from old breaches can resurface months or even years later, giving criminals new ways to target consumers. (Kurt "CyberGuy" Knutsson)

Why old breach data can turn into new fraud

Stolen identity records often take time to turn into fraud. After a major breach, the data can move through criminal markets in stages. It may be sold to brokers, combined with information from earlier leaks and resold to fraud rings that build more complete identity profiles.

That means a Social Security number stolen in 2024 may not be used to open a fraudulent credit line or file a fake tax return until 2026 or later. By then, the free credit monitoring offered after the breach may have expired. The breach itself may also be long gone from the headlines.

Major breaches that could fuel future identity fraud

UnitedHealth confirmed in January 2025 that about 190 million people were affected by the Change Healthcare breach. The incident exposed personal and health information, making it the largest known healthcare data breach in U.S. history. Affected consumers were offered two years of free credit monitoring and identity theft protection. The enrollment deadline was Aug. 26, 2025.

National Public Data, a background-check broker, was tied to a massive breach in 2024. Up to 2.9 billion records were reportedly exposed, though not all were unique or verified. The exposed information reportedly included Social Security numbers, addresses and relatives' information.

AT&T disclosed in July 2024 that hackers stole call and text records tied to about 109 million customer accounts. The stolen data included details about calls and texts, such as the numbers contacted and the timing of those communications, but not the content of the calls or messages. The incident involved data stored on a third-party cloud platform and was part of a wider Snowflake-linked campaign that also affected other companies.

HOSPICE FRAUD USES STOLEN IDENTITIES FOR FAKE PATIENTS

Stolen personal information can be combined with other leaked records to create more complete identity profiles. (Kury "CyberGuy" Knutsson)

What thieves do with stolen identity data

Stolen identity data can feed several types of fraud. Some of these scams take months or years to show up on a credit report, tax filing or insurance record.

Synthetic identity fraud

Criminals combine a real Social Security number with a fake name and date of birth. They use that profile to open new credit lines, build trust and drain the accounts later.

Tax refund fraud

Thieves use stolen Social Security numbers to file fake tax returns in someone else's name. Victims often find out only when their real return gets rejected.

Medical identity theft

Criminals use stolen personal or health insurance information to submit insurance claims for care the victim never received. Some victims do not notice until they get a bill, hit an insurance limit or see a collections notice.

New-account fraud

Thieves open credit cards, auto loans or utility accounts using stolen identities. Victims may discover it only after checking their credit report.

Account takeover

Criminals use stolen usernames and passwords to break into your existing email, shopping, banking or financial accounts. They often use automated tools to test that same login information across multiple websites.

WHY A CREDIT FREEZE ISN’T THE END OF IDENTITY THEFT

Ongoing monitoring can help catch suspicious activity after free breach protection ends. (Kury "CyberGuy" Knutsson)

Why one-time protection isn’t enough

After a breach, you are often told to freeze your credit, accept the free monitoring offer and watch your statements. Each step can help, but each one has limits. Free credit monitoring offered after a breach usually lasts one or two years. That can expire around the time stolen data starts to show up in new fraud attempts.

A credit freeze can block new accounts from being opened in your name. However, it will not stop every type of fraud. It does not prevent someone from filing a fake tax return with your Social Security number. It also does not stop fraudulent medical bills or takeover attempts on your existing accounts.

One-time dark web scans have limits, too. They show where your data appears at one point in time. They don't tell you where it may show up next. Once a Social Security number is in criminal markets, it can keep circulating.

Steps to protect yourself after a breach

If your information was exposed in a breach, these steps can help you lower your risk and catch suspicious activity sooner.

1) Freeze your credit

A credit freeze can help stop criminals from opening new credit cards, loans or other accounts in your name. You need to place a freeze with each of the three major credit bureaus: Equifax, Experian and TransUnion. You can temporarily lift the freeze when you need to apply for credit.

2) Change reused passwords

If you used the same password on more than one account, change it right away. Criminals often test stolen usernames and passwords across many websites. A password manager can help you create strong, unique passwords for every account.

3) Turn on multifactor authentication

4) Watch your financial and medical accounts

Review bank statements, credit card charges, insurance claims and explanation of benefits statements. Look for accounts, charges, claims or services you do not recognize. Medical identity theft can be easy to miss until a bill or collections notice arrives.

5) Check your credit reports

Review your credit reports for new accounts or hard inquiries you do not recognize. You can check your reports for free at AnnualCreditReport.com. If you spot something suspicious, report it quickly and follow the dispute process with the credit bureau.

What to do after free monitoring expires

Paid identity theft protection services monitor your personal data on an ongoing basis. The goal is to shorten the time between when stolen data gets used and when you notice something is wrong.

Look for a service that monitors all three major credit bureaus, scans the dark web and alerts you to suspicious changes tied to your identity. Some services also monitor data broker sites, identity verification activity, home title records and financial accounts.

Three-bureau credit alerts can help catch new-account fraud. Dark web and data broker monitoring can help spot repackaged records. Account-change alerts can help flag takeover attempts. No service can undo the original breach, but ongoing monitoring can give you a better chance of catching suspicious activity early.

See my tips and best picks on Best Identity Theft Protection at CyberGuy.com.

Kurt's key takeaways

A breach notice can feel like yesterday's problem once the headlines fade and the free monitoring runs out. But stolen personal data does not expire. Criminals can hold onto it, mix it with other leaked records and use it long after you have stopped thinking about the original breach. That is why identity protection needs to last longer than the breach notice. Freezing your credit, using strong passwords, turning on multifactor authentication and watching your accounts all help. But identity fraud is often a long game. The sooner you spot suspicious activity, the faster you can act before the damage spreads.

Should companies have to provide identity protection for as long as stolen data can be used against you? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

• Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
• For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
• Plus, you'll get instant access to my Ultimate Scam Survival Guide free when you join.

Copyright 2026 CyberGuy.com. All rights reserved.

Kurt "CyberGuy" Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on "FOX & Friends." Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Support Everyday Chronicle
Global reporting requires independent voices. If you value our coverage, please consider a small contribution to help us grow.
​Click the button below to make a secure donation