A number of recent events have unleashed a powerful digital transformation, most notably the pandemic that forced a shift to remote work. Like it or not, most companies have had to manage a remote workforce, while keeping their organization safe from cyber risk.
While digitization has significantly grown, so cybercrime—since 2020, cybercrime has risen by 600% as compared to the previous year. As businesses and their devices continue to scale, so must their security strategies. All of this begins with your employees’ identities.
Learn what identity theft is, how identity theft affects your business and workforce, and the proactive risk intelligence strategies that can mitigate these threats.
What Is Identity Theft?
Definitionally, identity theft is when someone steals personal information and uses it to their advantage.
Identity theft can happen to adults and children alike via:
- Stealing SSN or credit card/bank account numbers.
- Hacking someone’s email, phone or other device, or deploying a phishing attack to obtain personal data.
- Acquiring personally identifiable information (PII) through a data breach.
In 2021, Constella’s research found:
- Roughly 42 billion exposed records were found on the dark web.
- Items such as credit cards, passports, and IDs had large price increases on the dark web.
- Emails and passwords are the top two data types that show up in most breaches and leakages.
What Is Business Identity Theft?
Identity theft and business identity theft are not the same.
Business identity theft is when someone impersonates a company—not an individual—to execute malicious schemes. This can manifest in various ways, including:
- Stealing business ID documents/credentials to obtain company information
- Filing fraudulent business documents to receive refundable business credits or to initiate personal identity theft
- Sending out fraudulent emails in a company’s name to gain confidential personal or business information
Any entity with a business federal tax ID or EIN is at risk of business identity theft. In addition, organizations are exposed primarily due to the vulnerability of their employees and their data.
Since 2018, the Constella team discovered over 13,000 data breaches and 11 million exposed personal records—all linked to individuals’ corporate credentials. Therefore, it’s imperative to understand the wide impact identity theft can create and how to protect your business adequately.
5 Ways Identity Theft Impacts Your Business and Employees
Here are the five main ways identity theft impacts your business and employees:
1. Causes Reputational Damage
Cybercriminals target employees to gain access to company data, which puts your brand’s reputation at risk.
For example, Jack Dorsey, CEO of Square and former Twitter CEO was one of many executive leaders who became the victim of a malicious hack. A cybercriminal hacked into his social media account and posted a series of racial slurs. Though Dorsey was not responsible, Twitter still suffered reputational harm. The incident compelled the public to doubt Twitter’s lack of security measures and highlighted the company’s shortfall in not doing enough to prevent racist rhetoric on the social platform.
2. Causes Financial Damage
Identity theft can create severe financial losses that can affect your bottom line.
Businesses hit by CEO fraud attacks lose on average between $25,000 – and $75,000 per attack.
Moreover, cyberattacks involving CEOs have cost some organizations millions of dollars. One company paid $575 million as part of a settlement with the Federal Trade Commission (FTC), Consumer Financial Protection Bureau (CFPB), and 50 U.S. states and territories. The complaint alleged that the company failed to take reasonable steps to secure its network, exposing involving 147 million consumers to a data breach in 2017.
3. Puts Employees at Risk
Identity theft exposes personal data, putting your employees and their family members at risk:
- 78% of employees have had their corporate credentials exposed in a breach or leakage.
- 92% of executives have had their credentials exposed. Executives and VIP employees are most at risk, as they often possess the most confidential information.
Perhaps one of the most dreaded aspects of employee risk is the impact data breaches can have on an employee’s or executive’s job status. For example, C-suite officials at large corporations such as Target and Sony were fired due to cyber attacks.
Though the executives were not directly responsible, the repercussions of the cybercrime can impact shareholder relationships and company reputation.
4. Puts Customers at Risk
If you’re in the B2C space, identity theft can put your customers’ personal safety at risk. When First American Financial Corp. was hacked, millions of customers’ records were exposed. The information included people’s bank account numbers, SSNs, driver’s license numbers, and more.
Cases like this can cause a ripple effect, damaging your customers’ safety and the reputation of your brand and organization.
5. Affects Time and Resources
Identity theft creates a multitude of issues that require time and resources to solve. Victims spend roughly 100 – 200 hours (12.5 to 25 workdays) unraveling the havoc that identity theft wreaks. Filing reports, freezing relevant accounts, auditing passwords, changing credit card payment authorizations have a huge impact on employee/business productivity.