The ITRC has released its 2026 Trends in Identity Report, which shows identity crimes have evolved from isolated events into “multi-layered” crises!

In the 2026 Trends in Identity Report released by the Identity Theft Resource Center (ITRC), the ITRC outlines the identity crimes reported to the ITRC from April 1, 2025, through March 31, 2026, and how criminals convinced people to willingly share information, as well as how stolen information was used to open new accounts.

According to the report (available here), identity crimes have evolved from isolated events into “multi-layered” crises, with 25.6 percent of victims now managing two or more concurrent incidents, up from 23.5 percent the previous year. The report, grounded in the experiences of more than 6,000 individuals, highlights a milestone in compromise methods: for the first time, unauthorized device access has surpassed scams as the primary threat for adults aged 35–64.

Key Findings in the 2026 Trends in Identity Report Include:

• Unauthorized access to computers and mobile devices increased by 78 percent year-over-year from 15.3 percent of all identity compromises to 27.2 percent of all compromises. Over the same period, scams involving the sharing of personal information declined from 43.1 percent to 36.1 percent of compromises.  
• While 53 percent of victims with no financial loss reported a resolution, only nine (9) percent of those with any financial impact were able to resolve their cases. Among those who experienced three or more financial impacts, zero (0) percent reported a resolution.  
• Fraudulent employment is now the most common crime against minors, accounting for 40 percent of misuse cases for children and dependents.
• Attempted misuse cases caught by financial institutions rose by 26.8 percent, suggesting that while automated fraud detection is improving for credit accounts, systems for employment and government benefits are lagging.

The ITRC also reported the following: 

• Account-problems scams are the highest-volume scam type; 74 percent of victims shared high-value personally identifiable information (PII), the highest rate of any scam category. Job and employment scams were the second most common and the most intensive in terms of information harvested.  
• Of the attempted misuse cases reported to the ITRC, 62.1 percent involved new account applications, and 37.9 percent involved attempted account takeovers. Credit cards accounted for 41 percent of all attempted misuse by account type, followed by checking accounts at 17.7 percent and personal loans at eight-point-five (8.5) percent. 
• Colorado residents reported the highest rate of multi-layered incidents (49 percent), while Illinois saw nearly triple the national average for fraudulent employment.

The 57(!) page PDF 2026 Trends in Identity Report provides these and a lot more key cyber-stats. Check it out here!

So, what do you think? Are you surprised that the numbers aren’t worse? I am. Please share any comments you might have or if you’d like to know more about a particular topic.

Image created using DALL-E 3, using the term “robot IT workers realizing their data has been breached”.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by my employer, my partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.