More than 120 million people in the US had personal data exposed in 2007 as identity theft reached record heights. That's according to research from the non-profit organisation the Identity Theft Resource Center (ITRC) which reported 446 separate breaches exposing 128 million records.

The data shows a more-than sixfold increase over its 2006 figures, when 312 incidents were recorded, involving more than 19 million individuals.

Another group, Attrition.org, shows 319 personal information data loss incidents in 2007 in its database, both in the USA and other countries.

Criminals can fraudulently use other another person's identity data to buy goods, take out loans, take money from savings accounts, and hire cars. That person has to recover from the loss and endure badgering by debt-recovery organisations and bailiffs.

Here in the UK in 2007 we saw:-

- HMRC and Standard Life - 15,000 records exposed
- HMRC child benefit database - 25 million records lost
- HMRC and Countrywide Assured - 6,500 records leaked
- Northern Ireland Driving Agency - 6,500 records exposed
- Driving Standards Agency - 3 million records lost.

This means that UK government agencies alone lost over 28 million people's identity data in 2007. Additional medical data records were lost due to NHS errors.

The number of new identity fraud victims contacting credit reference checking agency Experian continues to grow: 2,570 victims of identity fraud contacted it for assistance in the first half of 2007; a 68 percent year-on-year increase.

Helen Lord, Experian's fraud and regulatory compliance director at Experian, said: "The rate of identity fraud growth continues to be scary."

Identity theft criminals are being caught and punished. However, ITRC founder, Linda Foley, herself an identity theft victim, said: "Identity theft is like the never-ending story. It acts like an oil spill that spreads in yet another direction with the ocean currents and wind despite best efforts to contain it."