SAN FRANCISCO (11/3/09)--Consumers who received a data-breach notification within the past year are four times more likely than typical consumers to have been victims of identity fraud, says new research. However, consumers rarely attribute the fraud to their data breach exposure. "Data breach notifications are intended to help consumers take protective action," said Mary Monahan, managing partner and research director at Javelin Strategy & Research, which conducted its third annual survey of nearly 5,000 U.S. consumers. "Notification is critical because consumers are over four times more likely to encounter actual fraudulent transactions if they receive a data-breach notification," Monahan said in a press release. "But our research shows a disconnect between breach notifications and consumer awareness of risk, which results in individuals not being adequately protected." During the past three years, roughly 11% of consumers received a breach notification, said the report. More than one-third of breach victims experienced exposure of their Social Security numbers, and 15% had their ATM personal identification numbers (PINs) compromised. Despite almost 20% of breach victims suffering some kind of fraud in the past year, only 2% attribute their fraud to the breach. "Consumers who receive notification of breaches need to be better protected by resolving the disconnect between breach notification and consumer awareness of actual fraud risk," said Javelin's Risk, Fraud and Security Analyst Robert Vamosi. Vamosi told SCMagazineUS.com that results are not a blip. In 2007 and 2006, Javelin saw a similar pattern. He noted the correlation between receiving a breach notification letter and the increased risk of suffering an actual identity theft may be do to the fact that alerts many times are sent only to people severely impacted by a breach.