September 18, 2014

Dead or Alive: Identity Theft Remains a Constant Threat

Even when a person has passed away, their personally identifiable information isn’t safe.

Research by ID Analytics shows that the identities of nearly 2.5 million deceased Americans are misused by identity thieves every year.

The criminals use stolen information to open lines of credit and set up cell phone service in the names of deceased people. They file fraudulent tax returns claiming refunds. They also make up Social Security numbers for people who have died.

It’s likely that most of the identity theft you hear about is done by cyber criminals and dumpster divers, but thieves who steal identities of deceased people go about it differently. They skim obituaries for information and visit funeral homes, hospitals and nursing homes to see what they can steal. They also access the Death Master File (DMF), which contains sensitive information such as Social Security Number, name, date of birth, date of death, state or country of residence, and ZIP code of the last residence.

While there are many privacy laws and legislation that protect personal information, recently the government passed new legislation that makes it tougher to steal the identity of a deceased person from the DMF.

The Bipartisan Budget Act of 2013’s Temporary Certification Program for Access to the Death Master File (DMF) protects DMF information for three years following a person’s death. Anyone who wants to use the information must be officially certified and sign a terms of use agreement, pay a processing fee, and agree to random audits. Applicants must describe how they’ll protect the data as well.   

Here are ways individuals can help reduce identity theft of people who are deceased:

  • Limit information included in the obituary (such as birthday, maiden name, etc.)
  • Notify state agencies, credit bureaus, and all financial institutions of the death – having it on record reduces the risk of identity theft. 
  • When the appropriate amount of time has gone by, remove private information that is posted online in social media or business-related profiles, etc.
  • Never put personally identifiable information of the deceased (such as credit cards, driver’s license, passport, etc.) into the garbage or recycling bin – always shred it before recycling. Consider attending aCommunity Shred-it event to securely dispose of this information.
  • Have the hard drives of electronic devices that belonged to the deceased destroyed too – to prevent the recovery of any personal information. Here is information about hard drive destruction
  • Be mindful that family members are sometimes the perpetrators of identity theft. Lock away private information from all prying eyes.

Today, identity theft is a constant threat for everyone, and it’s important to think about protection at all times. For example, protect PIN numbers, don’t carry every piece of ID, use password protection and screen lock tools on all electronic devices, and take all receipts, smartphones, and tablets when you leave a public place.  

Learn more about identity theft and how to ensure your information is protected.