"Identity theft" is a catch-all term describing fraud committed using this sort of information. It may not be as specific a term as you want it to be, but that's far from not being "actually a real thing".
The point being that "identity theft" is typically used to shift responsibility to the individual from institutions.
Truth is that "fraud" has existed for centuries (though the incidence of "financial fraud" in print has exploded since the mid 1980s). "Identity theft" emerged in the late 1990s.
> The point being that "identity theft" is typically used to shift responsibility to the individual from institutions.
That's hasn't been the case for me. Each of the several times my data was taken and there was the possibility of identity theft, the company responsible ended up having to pay for various monitoring schemes.
And should that data have been used fradulently, it would still have been the fault of whatever person took that data, not the institution that misproperly handled it.
It's not that "my identity has been stolen". It's that financial institutions (and others) have established procedures for freely creating binding obligations in my name on the flimsiest of actual evidence. It's fraud, enabled by financial institution's weak procedures.
It really is a terrible term though. I dislike it enough that I sent Al Franken a letter asking him not to use it during hearings (though given that I'm not in Minnesota it probably wasn't even a symbolic act).
