When identity theft hits home, it’s not just a personal crisis; it’s a governance issue. New data from the Identity Theft Resource Center shows that cyberattacks are causing deeper financial and emotional harm than ever before. For pension systems that guard sensitive member data, the message is clear: protecting information is part of protecting benefits.

The Story:

The Identity Theft Resource Center’s 2025 Consumer Impact Report, supported by Experian, reveals that identity crimes have become more sophisticated and emotionally damaging.

Between August 2024 and July 2025, the Center worked directly with more than 4,000 people trying to recover from identity theft, fraud, or scams. The organization’s latest survey shows a troubling trend. Criminals aren’t just striking once. They’re returning to the same victims again and again, stealing larger amounts of money and causing even deeper disruption than in years past. Even seemingly “minor” compromises, like a social-media account takeover, can now lead to denied loans, lost jobs, or housing instability.

Why It Matters for Public Pension Trustees and Administrators:

While the report focuses on consumers, its findings mirror the vulnerabilities public institutions face. Pension funds hold vast amounts of personally identifiable information (PII)—from retirees’ Social Security numbers to beneficiaries’ bank details. The ITRC data underscores that cybersecurity breaches are no longer isolated IT events; they have compounding financial and human consequences. Pension trustees must treat digital-identity protection as a fiduciary responsibility to safeguard members’ benefits and well-being.

Key Details:

• Repeat Victimization: 71 percent of surveyed consumers had experienced identity crime more than once, up 22 points year-over-year.
• Financial Stakes: Losses exceeding $10,000 rose sharply; some victims reported losses of over $1 million.
• Emotional Toll: More than two-thirds of self-identified victims considered self-harm, revealing the severe human cost of digital crimes.
• Cyber Hygiene Gap: The use of credit freezes and paid monitoring services has declined among the public, signaling “security fatigue” even as attacks become more complex.
• AI Concerns: Over two-thirds of victims believe artificial intelligence will be a significant factor in future identity-theft threats, yet fewer than 40 percent trust AI-powered security systems.

Action Steps for Pension Systems:

• Conduct annual cybersecurity and data-governance audits to verify how member PII is stored, transmitted, and protected.
• Require multi-factor authentication and role-based access controls for trustees, vendors, and service providers.
• Offer member education on fraud prevention, including phishing awareness and password-management guidance.
• Establish a rapid-response protocol with vendors and custodians for any suspected data breach.
• Consider collaborating with nonprofit experts, such as the Identity Theft Resource Center, for training or outreach initiatives to members.

Read More:

Access the full 2025 ITRC Consumer Impact Report at idtheftcenter.org.