10 Pieces of Information That Are Used to Steal Your Identity
Whatsapp Pinterest

Identity theft is serious business. Here's How Much Your Identity Could Be Worth on the Dark Web Here's How Much Your Identity Could Be Worth on the Dark Web It's uncomfortable to think of yourself as a commodity, but all of your personal details, from name and address to bank account details, are worth something to online criminals. How much are you worth? Read More According to the Bureau of Justice, identity theft cost victims over $24 billion in 2012, more than household burglary, motor theft, and property theft combined. It can have long-lasting and significant consequence for victims, and by all reports, it’s a really horrible experience.

We tell you regularly to make sure you protect your data How to Counter Data Breaches: 3 Simple Ways to Protect Your Data How to Counter Data Breaches: 3 Simple Ways to Protect Your Data Data breaches don't only hit share prices and government department budgets. What should you do when news of a breach strikes? Read More , but it’s not always clear exactly how you should do that. You know that personally identifiable information should be protected, but what, exactly, qualifies as that? And which pieces are valuable? These 10 pieces of information are the ones that thieves are looking for, and that you should protect most zealously.

Social Security Number

This is an obvious one. It’s used for confirming your identity in a wide variety of places, from opening a PayPal account to getting government documents. It can be used to get a new bank account, access online accounts, file a fraudulent tax return, or even be given to police upon arrest, implicating you in a crime you didn’t commit.


In short, the social security number (or another similar identifying number, if you live in another country) is a jackpot for an identity thief. And once they have this number, it’ll be much easier to get the other information they need to steal your identity.

Date and Place of Birth

Like your social security number, your date of birth is used in a variety of ways to confirm your identity. It’s often used as a secondary confirmation measure by online accounts if you need to reset your password, and it’s on most official forms that you’ll fill out, from governmental paperwork to financial accounts.

Unfortunately, most of us — myself included — have a tendency to plaster our dates of birth all over the Internet by attaching them to our social media and loyalty accounts (amusingly enough, I’m writing this advice on my own birthday). Automated “Happy Birthday” posts don’t always include the year, but even having the month and day is a big step toward getting the information an identity thief would need.

Your place of birth is also used as a secondary confirmation measure by a number of online providers and could be used to reset your password or grant a thief access to your account, so should also be protected.

Driver’s License or Passport Number

Both of these numbers can help identity thieves get more information about you, including your full name, date of birth, nationality, and even address. If your actual license or passport is stolen, it can be altered to include a picture of someone else, further complicating the situation and potentially giving a thief access to parts of your life that you thought were well-protected.


A passport is especially dangerous, as it could lead to identity theft on an international level — accounts could be opened in your name in other countries, any existing accounts in other countries could potentially be accessed, and it’s even possible that an altered passport would allow a thief to travel internationally under your name.

Account Numbers

Checking and savings account numbers, credit and debit card numbers, and even retirement and investment account numbers are all highly sought after by identity thieves. With the right combination of account number, another identifying piece of information, and a password or PIN, a thief could gain access to any of these accounts and start siphoning away money.

In general, you probably don’t share account numbers very often, so you probably don’t need to do a whole lot more to protect this information. Just make sure not to keep your account numbers in places where they shouldn’t be, like written down on a pad of paper in your desk or in a plain text file on your desktop.

With the rise of healthcare fraud 5 Reasons Why Medical Identity Theft is Increasing 5 Reasons Why Medical Identity Theft is Increasing Scammers want your personal details and bank account information – but did you know that your medical records are also of interest to them? Find out what you can do about it. Read More , it’s also a good idea to protect your health insurance numbers and any other similar information you might have.

Banking PINs

Your personal identification numbers should randomized, but a huge number of people use combinations like “1234,” “5280,” and “1111” to secure their credit and debit cards. Thieves know this, and if you have a weak PIN, you’re much more likely to suffer some form of theft if you lose one of your cards.


Using birthdates, anniversaries, or other personal information that could be guessed from a quick look at your Facebook account isn’t a good idea, either. And be sure to use different PINs for different accounts; if an identity thief gets into one account, you don’t want to give them free access to another!

Card Expiration Dates and Security Codes

When you make an online purchase with your credit or debit card, you usually need to enter the expiration date and security code. If a thief has your card number and these pieces of information, they can probably use your card with free reign What To Do If You’re A Victim Of Online Credit Card Fraud What To Do If You’re A Victim Of Online Credit Card Fraud Read More on the Internet. Advanced skimmers can now get this information from an infected terminal, but phishing is still a common method for obtaining this information.

As with pretty much any other piece of identifying information, don’t give this out unless you’re absolutely sure that you’re talking to someone who needs it. Phone phishing scams can target this sort of information, and just because someone says they’re from your credit card company (even if your caller ID tells you the same) doesn’t mean they’re asking for your benefit.

Physical and Email Address

Both of these can be used for phishing in an attempt to get you to give away identifying information, and past addresses can also be used for identity verification by financial institutions (when you open a bank account online, you’ll sometimes be asked if you’ve been associated with a particular past address). This can lead to whaling, a type of cyberattack that’s worse than phishing.


Your email address is also your username for a lot of online accounts, and with the right pieces of other information, a thief could access the account or reset the password. Like our birthdays, our email addresses are usually pretty easy to find, but you may want to consider putting it out there a little less.

Phone Number

Your phone number isn’t used for identity verification very often, but it can be put to great use by a talented phisher — getting in touch with you by phone and claiming that they’re with a financial or governmental institution is a favored method for getting more pieces of identifying information.

Most people are pretty hesitant to give out their phone numbers, but one slip-up could mean you have scammers on the way. It’s a good idea to stay vigilant about giving out your phone number, but being a little suspicious of people who call is probably warranted, too.

Your Full Name

Again, this is something that’s all over the Internet, so you might not think of it as valuable information to a thief. However, with the number of nicknames, shortenings, and aliases that people use, having your full first, middle, and last name can be quite valuable to a thief, especially if they’re looking to open a new account in your name.


“Name as it appears on card” is also an important check that’s made on many online purchases, so if a thief knows your full name, they’ll be able to make a better guess at what might be on your card.

Your Affiliations, Memberships, and Employer

Again, you might not think that this is information that would be valuable to an identity thief, but it can be of great use during a phishing expedition New Phishing Techniques To Be Aware of: Vishing and Smishing New Phishing Techniques To Be Aware of: Vishing and Smishing Vishing and smishing are dangerous new phishing variants. What should you be looking out for? How will you know a vishing or smishing attempt when it arrives? And are you likely to be a target? Read More , especially a personalized one, which is known as spear fishing What Is Spear Phishing? How to Spot and Avoid This Email Scam What Is Spear Phishing? How to Spot and Avoid This Email Scam Received a fake email from your bank? Its part of a scamming technique called spear phishing. Here's how to stay safe. Read More . Most people are much more likely to give out identifying information if they think they’re talking to someone from a group that they belong to; it could be an employer, a sports club, a fan club, or even an Internet group.

As with any means of phishing, your best bet is to be vigilant and make sure that you’re talking to who you think you’re talking to. If someone asks for personal identifying information, it’s a good idea to confirm with the organization that they need it and that someone called for it. If it’s a bank or your employer, just go into a local branch or work to share the information instead.

Protect Yourself

You probably knew that giving our your social security number online was a bad idea, but you might not have realized just how valuable some of these other pieces of information are. Identity theft is a really terrible thing to have happen to you. So be sure to protect these pieces of information whenever you can, even if it means not sharing quite as much on social media where hackers may use several methods to steal your identity 7 Ways Hackers Steal Your Identity on Social Media 7 Ways Hackers Steal Your Identity on Social Media Here are several ways your identity can be stolen on social media. Yes, scammers can steal your identity on Facebook! Read More .

And if you shop online, make sure you’re aware of formjacking and how to avoid it What Is Formjacking and How Can You Avoid It? What Is Formjacking and How Can You Avoid It? The big online security risk of 2019 looks like it could be formjacking. Here's how hackers steal your data from website forms. Read More .

Image credits: Hand and cholesterol word by Green Apple via Shutterstock, zimmytws via Shutterstock, NAN728 via Shutterstock, RTimages via Shutterstock, karnizz via Shutterstock, Rob Byron via Shutterstock.

Explore more about: Identity Theft, .

Enjoyed this article? Stay informed by joining our newsletter!

Enter your Email

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Anonymous
    April 6, 2016 at 3:39 pm

    And yet we are constantly urged, if not forced, to conduct our business online where any and all the above information may demanded from us. Given the state of corporate security, or rather the state of hacker sophistication, putting anything on the 'Net is asking for trouble.

    As an example, it is getting harder and harder to download either TurboTax or TaxAct and do one's taxes locally on one's PC. But it is very easy to do them online and e-file. What guarantee do we have that Intuit or 2nd Story Software of IRS servers are secure enough not to allow our personal data from being disseminated all over creation? Also, would Intuit, 2nd Story and/or IRS even let on if they were subject to a security breach?!

    • Dann Albright
      April 7, 2016 at 1:39 pm

      The security of company servers has always been an issue. I assume that tax companies make a pretty strong effort in getting top-notch security because they know a single big leak would totally ruin them. That probably means that there's no guarantee that they'd release news of a leak, but at the same time, it's hard for me to imagine that someone wouldn't either figure it out really quickly and bring it to public attention or that there would be someone inside the company that would leak that information to the media. I don't really know, though; it's hard to tell!