Cybercriminals have their pick of vulnerable targets to compromise, and want to focus more on conducting identity theft over just stealing payment information.
After a data breach, especially if a debit or credit card information has been stolen, compromised users ask their banks to cancel cards. However, a data breach in which names, addresses, Social Security numbers and other personal data are stolen give criminals the ability to take their time to launch future attacks.
"We're clearly seeing a shift in the tactics of cybercriminals, with long-term identity theft becoming more of a goal than the immediacy of stealing a credit card number," said Tsion Gonen, VP of strategy for identity and data protection of Gemalto. "Identity theft could lead to the opening of new fraudulent credit accounts, creating false identities for criminal enterprises, or a host of other serious crimes."
This news isn't overly surprising, but is troubling just days after the Anthem insurance data breach - in which up to 80 million customer records could be at risk. Almost 1 in 5 US consumers had their bank account, credit card information, or Social Security numbers compromised, according to a Pew Research study conducted in 2014.