A new report from Javelin Research is getting attention for its extraordinary claim that data breaches are responsible for only a tiny minority of identity theft cases, compared to lost wallets and other low-tech exposures. But a closer look at Javelin’s numbers casts serious doubt on the company’s conclusions.

The stat that’s getting the most buzz in Javelin’s 2009 Identity Fraud Survey Report (.pdf) comes from identity theft victims’ responses to this survey question: “How was your information obtained?” Only 11 percent of the respondents said it was lost in an online transaction, and an equal number said it was stolen in a data breach. Some 43 percent blamed a lost or stolen wallet.

“Despite the hefty blame – largely perpetuated by the media – placed on the internet and cybercrime, online identity theft methods (phishing, hacking and malware) only accounted for 11 percent of fraud cases in 2008,” claims Javelin. “The truth is, most known cases of fraud occur through traditional methods, when a criminal has direct, physical access to the victim’s information.”

Damn you media! It’s time to stop this incessant hyping of the data breaches that have compromised information on hundreds of millions of consumers. Obviously, stolen wallets are the real epidemic.

But the 11 percent stat crumbles on even a casual inspection.

This is a very important piece.  Please read it in full at Wired.