How to Use This Identity Theft Resource

Identity theft in the United States is classified under federal statute — primarily the Identity Theft and Assumption Deterrence Act (18 U.S.C. § 1028) — and touches regulatory jurisdictions spanning the Federal Trade Commission, the Consumer Financial Protection Bureau, and state attorneys general. This reference covers the structure of the National Identity Theft Authority directory: how its listings are organized, what categories of service providers and professional resources appear within it, and where the boundaries of its scope begin and end. Navigating identity theft services requires understanding which type of harm has occurred, which regulatory body governs remediation, and what class of professional holds relevant standing to assist. The Identity Theft Listings section is the primary operational index for those purposes.

How to navigate

The directory is structured around harm type and service category rather than alphabetical or geographic ordering. A visitor arriving after a credit fraud event follows a different path than one dealing with tax identity theft, medical identity fraud, or synthetic identity compromise — four distinct classifications with different remediation chains, different governing agencies, and different documentation requirements.

The fastest entry point is harm classification. Identify which of the four primary identity theft categories applies:

1. Financial identity theft — unauthorized use of credit, banking, or loan instruments; governed primarily by the Fair Credit Reporting Act (15 U.S.C. § 1681) and monitored by the Consumer Financial Protection Bureau (CFPB).
2. Tax identity theft — fraudulent filing using a victim's Social Security Number; falls under Internal Revenue Service jurisdiction with dedicated response through IRS Form 14039.
3. Medical identity theft — fraudulent use of health insurance credentials or Medicare/Medicaid identifiers; regulated under HIPAA (45 C.F.R. Parts 160 and 164) and the Department of Health and Human Services Office for Civil Rights.
4. Synthetic identity theft — combination of real and fabricated credentials to create a composite identity; increasingly addressed through Federal Reserve guidance and CFPB supervisory frameworks.

From that classification, the directory routes to service providers, legal professionals, credit counseling agencies, and government reporting resources specific to each category. The Identity Theft Directory Purpose and Scope page explains the listing criteria applied to each professional category.

What to look for first

When approaching any listing or reference within this directory, three criteria distinguish actionable resources from general informational ones: jurisdictional authority, professional licensure, and regulatory alignment.

Jurisdictional authority means the service provider or resource operates within the legal framework governing the specific harm type. An attorney listed under tax identity theft remediation should hold active bar admission in the relevant state and demonstrate familiarity with IRS Identity Protection PIN procedures. A credit restoration service should operate in compliance with the Credit Repair Organizations Act (15 U.S.C. § 1679 et seq.), which prohibits advance fees and requires specific written disclosures.

Professional licensure varies significantly by service type. Credit counselors operating under nonprofit status are typically accredited through the National Foundation for Credit Counseling (NFCC) or the Financial Counseling Association of America (FCAA). Identity theft insurance products are regulated at the state level through each state's Department of Insurance. Forensic document examiners engaged in identity fraud cases may hold certification through the American Board of Forensic Document Examiners (ABFDE).

Regulatory alignment is the third filter: listings are cross-referenced against known FTC guidance, including the agency's published identity theft recovery steps at IdentityTheft.gov, which serves as the federal government's centralized victim assistance portal.

How information is organized

Listings within the directory are grouped into three functional layers:

• Government and regulatory resources — federal agencies (FTC, IRS, HHS OCR, SSA), state attorneys general offices, and consumer protection bureaus with statutory authority over identity theft response.
• Professional service providers — licensed attorneys, accredited credit counselors, forensic specialists, and insurance products structured for identity theft coverage.
• Monitoring and remediation tools — credit bureau fraud alert services (Equifax, Experian, TransUnion), Social Security Administration identity protection resources, and IRS Identity Protection PIN enrollment.

Within professional service providers, a meaningful contrast exists between reactive and proactive services. Reactive providers — including identity theft attorneys and credit dispute specialists — engage after a documented harm event. Proactive providers — including identity monitoring services and credit freeze management tools — operate preventively. The directory maintains distinct listing categories for each, since the triggering conditions, documentation requirements, and professional qualifications differ substantially. The How to Use This Identity Theft Resource page should be read alongside the listings index to ensure correct category selection.

Limitations and scope

This directory covers identity theft services within United States jurisdiction. Cross-border identity fraud, international tax treaty implications, and foreign financial institution fraud fall outside the scope of listed resources and are governed by frameworks — including INTERPOL referral protocols and bilateral mutual legal assistance treaties — not represented here.

The directory does not cover general cybersecurity services, data breach class action litigation, or corporate identity fraud unless those categories intersect directly with individual consumer identity theft under FTC or CFPB jurisdiction. Data breach notification obligations, for instance, are governed by 50 separate state breach notification statutes plus sector-specific federal rules (HIPAA Breach Notification Rule, 45 C.F.R. § 164.400–414; Gramm-Leach-Bliley Act safeguards rules) — a scope distinct from individual victim remediation and addressed separately within the broader network.

Listings represent service providers operating within publicly verifiable regulatory frameworks. Inclusion does not constitute endorsement. The FTC's Bureau of Consumer Protection maintains enforcement records on credit repair and identity theft service providers at ftc.gov/bcp, which serves as an independent verification resource for any listed professional category.