There are a lot of potential possibilities.  I'm not saying that you shouldn't be vigilant with your data but avoiding applying with a reputable creditor is a bit much IMO.  If you're worried about ID theft then make sure you're regularly reviewing your reports.  You may want more frequent checks then just the annual reports.  Make use of freezes if desired.  Don't overlook the CRA's that are not the big 3.

http://files.consumerfinance.gov/f/201501_cfpb_list-consumer-reporting-agencies.pdf

---

@Anonymous wrote:

Hi,

 

I am not sure where to post this question so please feel free to move this in the right place.

 

I have been wondering since recently started to build credit that if someone can steal your ID if you apply for credit cards.  We give them all our info and a lot of customer service being outsourced, is it not a risky endeavour?

 

Sorry if this sounds stupid but I have been getting a bit sceptical, please feel free to chime in.

 

Thanks.

---

Is it possible? Oh, absolutely.

Is it something you should worry about? Nope!

For one thing, there isn't really much you can to avoid the (small) risk... (except for avoiding filling out fake paper credit card applications at a Krispy Kreme )

Also remember - you wouldn't be individually targeted.  Any insider job is likely to be pulling medium-to-large amounts of account data, and when it is inevitably discovered, will be dealt with enmasse.  (And the same outsourcing issue you're concerned about for the issuers?  The CRAs themselves use the same sorts of outsourced providers, with full access to your entire report...)

As Petrovius mentioned above, a card being skimmed and cloned is far more likely than an account actually being opened in your name.  And in both cases you have legal protections on liability (and frequently issuers do better than legally required there - $0 vs $50 limit).

For perspective: in the last 20 years, I've had:

• one "insider" compromise issue (PayPal...), that was resolved before I woke up that day and checked email/accounts;
• three skimmer incidents (all gas stations, all NJ "mandatory full service"), a pain to deal with (new cards/numbers, calling security dept of issuer), but all charges were reversed fairly quickly;
• and more data breach incidents than I can count (three healthcare providers/insurers, several "big box" retail stores, several large online merchants, one local case (company payroll vendor had a laptop stolen, with unencrypted personnel data on it), and of course all of the undetected/unreported cases that I'm sure have also happened.

However - the only side effect of the data breaches has been the continuous (sometimes overlapping) free credit monitoring paid for by the breached companies.  Not a single fraudulent account opened.  (Not saying it doesn't happen - of course it does.  But the odds of it happening to any one person, even after a data breach? Low.)