US Identity Theft Statistics: Prevalence, Trends, and Reported Reported Losses

Identity theft ranks among the most consistently reported consumer fraud categories tracked by federal agencies, generating hundreds of thousands of formal complaints annually and billions of dollars in documented losses. This page presents the statistical landscape of identity theft in the United States, drawing on data published by the Federal Trade Commission, the Consumer Financial Protection Bureau, and affiliated federal bodies. The figures here describe prevalence across fraud categories, demographic concentration, and loss magnitude — providing a structured reference for professionals, researchers, and service seekers navigating this sector.

Definition and Scope

For statistical and regulatory purposes, identity theft is defined by the FTC as a fraud type in which a consumer's personal identifying information — including Social Security numbers, financial account credentials, or government-issued document numbers — is used without authorization to obtain goods, services, credit, or government benefits (FTC Consumer Sentinel Network).

The FTC's Consumer Sentinel Network serves as the primary federal repository for identity theft complaint data. In 2023, the Sentinel Network received approximately 1.04 million identity theft reports, representing the second-largest fraud category after imposter scams (FTC Consumer Sentinel Network Data Book 2023). That figure does not capture unreported incidents, which law enforcement analysts consistently characterize as substantially larger than reported totals.

The statistical scope covers identity theft types and categories that include financial fraud, government document fraud, tax fraud, and medical misuse — each tracked in discrete subcategories within federal complaint systems. State-level distributions are tracked separately through the FTC's state ranking reports, which assign per-capita complaint rates to all 50 states and the District of Columbia; see identity theft by state for geographic breakdowns.

How It Works

Federal identity theft statistics are compiled through a multi-agency pipeline with the FTC Sentinel Network as the central aggregation point. Consumers file reports via IdentityTheft.gov, the FTC's online reporting portal, or through direct law enforcement channels. Those reports are cross-referenced with data submitted by participating organizations including financial institutions, law enforcement agencies, and the Social Security Administration.

The statistical classification process follows these discrete stages:

1. Complaint intake — A consumer files a report with the FTC, a state attorney general's office, or a law enforcement agency. Reports filed through IdentityTheft.gov feed directly into the Sentinel database.
2. Fraud type coding — Each report is coded into one of the FTC's primary identity theft subcategories: credit card fraud, government documents or benefits fraud, loan or lease fraud, employment or tax-related fraud, phone or utilities fraud, or bank fraud.
3. Deduplication and aggregation — Duplicate reports are identified and removed. Sentinel compiles aggregate totals by fraud type, state, and demographic category.
4. Annual publication — The Consumer Sentinel Network Data Book is published each year, providing the definitive federal statistical baseline for that calendar year.

The Federal Bureau of Investigation's Internet Crime Complaint Center (IC3) maintains a parallel tracking system focused on cybercrime-facilitated identity theft. The IC3's annual Internet Crime Report captures losses specifically attributable to online vectors — including phishing and identity theft and account takeover fraud — which are not always duplicated in FTC totals. The IC3 reported $10.3 billion in total cybercrime losses across all categories in 2022 (FBI IC3 2022 Internet Crime Report).

Common Scenarios

Federal complaint data consistently clusters around five primary fraud scenarios:

Credit card fraud — The most frequently reported subcategory in FTC data, accounting for approximately 40% of identity theft reports in 2023 (FTC Consumer Sentinel Network Data Book 2023). This encompasses new account fraud and existing account takeover under a unified statistical category.

Government documents and benefits fraud — The second-ranked subcategory, heavily driven by fraudulent unemployment insurance claims and pandemic-era benefit exploitation. Tax identity theft and Social Security identity theft are tracked within this cluster.

Loan or lease fraud — Includes fraudulent applications for personal loans, student loans, auto loans, and real estate instruments. Mortgage and real estate identity theft and student loan identity theft represent distinct sub-segments within this category.

Employment or tax-related fraud — Covers fraudulent W-2 filings, false employer identification, and IRS refund fraud. This category intersects directly with employment identity theft as a professional classification.

Medical identity theft — Tracked separately in some federal reporting contexts due to its interaction with HIPAA-regulated data systems. Medical identity theft generates both financial losses and patient safety risks not captured in purely monetary loss figures.

Decision Boundaries

Statistical consumers — including researchers, journalists, legal professionals, and policymakers — must apply clear analytical boundaries when working with federal identity theft data.

FTC Sentinel vs. IC3 data: These are non-identical datasets. FTC Sentinel measures consumer complaint volume across all fraud types. IC3 measures cybercrime-specific incident reports with associated financial loss estimates. A data breach and identity theft incident may generate reports in both systems or neither, depending on whether a consumer filed a complaint and whether the breach involved an online crime vector.

Reported losses vs. total economic impact: FTC figures reflect reported consumer losses. The Identity Theft Resource Center (ITRC), a nonprofit tracking breached records, estimates that total economic harm — including unreported fraud, remediation costs, and indirect losses — substantially exceeds reported totals. The ITRC's Annual Data Breach Report documents breach volume separately from FTC complaint counts.

Demographic concentration: FTC data consistently shows that consumers aged 30–39 file identity theft reports at higher per-capita rates than other age cohorts, while senior identity theft and child identity theft represent categories where reporting rates are structurally suppressed — seniors due to detection delays, children because minors rarely monitor their own credit files.

Single-incident vs. multi-type fraud: A single data breach event can generate complaint reports across credit card fraud, loan fraud, and government benefits fraud simultaneously. Statistical aggregation counts each fraud type separately, meaning the total complaint count can exceed the total number of affected individuals.

References

• FTC Consumer Sentinel Network
• FTC Consumer Sentinel Network Data Book 2023
• FBI Internet Crime Complaint Center (IC3) — 2022 Internet Crime Report
• Consumer Financial Protection Bureau — Identity Theft
• Identity Theft Resource Center (ITRC) — Annual Data Breach Report
• Social Security Administration — Identity Theft
• IRS — Identity Theft Central