Just going to throw this out there.
I think everyone agrees that Identify Theft is a huge issue but no one seems to take ownership of it.
I would say there are two to three kinds of identify theft methods
1. physically stealing information, like out of your mailbox, or a waiter steals your CC number off your card receipt from dinner
2. data lost from electronic breaches/losses
In general, if the first two happen to you there is little you could have done about it. Yeah you can get a PO Box, yes you can pay with cash for everything, so that aside or even maybe if you have done that let's talk about #3.
With phishing, I had to have a lack of thought (or common sense) and enter PII into a phishing site "I" did that. No hacker MADE me do that, I did it.
So the point? Instead of saying "a hacker stole my identity" maybe we should start urging people to take ownership of their stupid ass mistakes and say "I lost my identity" when the situation warrants it. Taking ownership of mistakes generally leads to not making that mistake again where passing the buck off to someone else for the blame generally leads to a wasn't my fault mentality.
When someone loses a cell phone and a person finds it and makes calls we don't say someone stole their cell phone do we? We say I lost my cell phone and some jerk ran up the charges.
I do realize that some bad guy has to actually "do" the actual identify theft, but if you gave him the information, its not his fault your an idiot just his luck.