That was the finding of a year-long study of about 5,000 U.S. consumers by Pleasanton, Calif.-based analyst firm Javelin Strategy & Research. Javelin's research showed that despite recent hype, data breaches were responsible for just 6 percent of all known cases of identity theft, compared to 30 percent from incidents like losing one's wallet. The study also showed that less than 1 percent of all individuals whose data was lost later became victims of ID theft.

Javelin's results are similar to those found by other firms that have looked at the relationship between data breaches and actual instances of ID fraud. In a Gartner Inc. study in 2005, for instance, only 18 percent of identity theft victims attributed the cause to computer breaches, while 41 percent cited off-line causes. Similarly, a December 2005 analysis by ID Analytics Inc. of four major online data breaches involving 500,000 customer records showed that less than 1 percent of those affected had their identities stolen.

The numbers are important at a time when a spate of data breach disclosures has heightened consumer concerns and is fueling a debate among lawmakers about the need for more stringent data protection laws, analysts said.

"There is a misperception that there is a one-to-one correlation between a data breach and ID theft," said Thomas Oscherwitz, vice president of government affairs and chief privacy officer at San Diego-based ID Analytics. In reality, "the mere fact that you are part of a data breach doesn't mean that you are a victim of ID theft," he said.

The degree of risk can depend on the type of breach, Oscherwitz said. Data breaches involving a deliberate hacking, for instance, are likely to be much more risky than those involving a lost disk or laptop, he said.