A U.S. public-private alliance co-founded by Blue Cross/Blue Shield Association, AARP, the Identity Theft Resource Center, and others will officially launch next month to fight medical identity theft amid a sickening spike in this form of fraud.

The new Medical Identity Fraud Alliance (MIFA), whose other founders include the Consumer Federation of America, the National Healthcare Anti-Fraud Association, and ID Experts, is aimed at combating medical ID theft by getting together key players and establishing solutions and best practices, technologies, research, as well as educating and helping empower consumers to better protect their increasingly targeted health information. MIFA will also provide a venue for information- and attack intelligence-sharing.

The FBI and U.S. Secret Service will participate in a liaison capacity with MIFA, and the alliance has reached out to both the Federal Trade Commission and Department of Justice. “Medical identity theft is being called the fastest-growing type of fraud,” says Robin Slade, a development coordinator for MIFA, who hails from the fraud-detection side of the financial services industry. “It contributes to the increasing cost of health care.”

Slade says there were 1.85 million victims of medical ID fraud last year, but most insured adults are unaware of this new form of crime, which comes with the added risk of physically endangering the victim. Some 40 percent of medical ID theft victims have had their health insurance canceled due to fraudulent charges; victims spend thousands of dollars and more than a year’s worth of time trying to recover from the fraud, says Bill Barr, a development coordinator with MIFA and co-founder of the Smart Card Forum.

Medical identity theft typically stems from individuals sharing their insurance or other medical information with family or friends, or when health-care organizations suffer breaches that expose patient data. Some 94 percent of U.S. health-care organizations have been hit by at least one data breach, and close to half have suffered more than five breaches in the past two years, according to The Ponemon Institute’s Third Annual Benchmark Study on Patient Privacy and Data Security, published late last year, which was commissioned by ID Experts, one of the co-founders of MIFA.

While about half of victims of medical ID fraud know the perpetrators who abuse their information — typically a family member or friend — according to Ponemon’s data, cybercriminals are increasingly targeting this type of information, too. Underground forums sell packages of stolen information on victims, including so-called “kitz” that include bank account credentials, Social Security numbers, health insurance credentials, and phony driver’s licenses or other IDs. These sell for $1,200 to $1,300, according to Dell SecureWorks, which recently uncovered some of these scams.

Health insurance credentials go for about $20 apiece, plus another $20 for dental, vision, or chiropractic plans, for instance. Buyers are using the health insurance information to get free medical services, drugs, and surgeries, according to Dell SecureWorks.

A perfect storm is brewing for medical ID fraud with the nationwide move to electronic health records, combined with the new health-care law yielding new health-care exchanges and newly insured Americans, Slade says. “It’s a combination of the ‘electronification’ of the data and the increase in data breaches. Plus most consumers are unaware that this [threat exists],” she says.