Data breaches have been dominating headlines recently... It also comes with a good reason and bad intentions. The number of identity fraud victims jumped to 13.1 million in 2013, a new report from Javelin Strategy & Research finds. That's an increase of 500,000 from 2012 and the second highest number of victims since Javelin began conducting its annual study in 2004.

Data breaches were one of the main sources of fraud last year, with one in three people who received notifications of a data breach discovering their identities were used for fraudulent means, Javelin found.

While the number of victims is on the increase, the amount of money stolen is down, the study says. The total cost of identity fraud in 2013 was estimated at $18 billion, more than $3 billion less than the year before. The cost figures have dropped radically since 2004, when identity fraud hit an all-time high of $48 billion.

"There were significant strides forward in 2013 in the fight against identity fraud," says Al Pascual, senior analyst for security, risk, and fraud at Javelin Strategy. "Even though the incidence of fraud increased, the amount stolen significantly decreased."

Attackers have moved on from simple credit card theft toward opening new accounts in the victim's name, the study says. Account takeover fraud hit a new record in incidence for the second year in a row and accounted for 28 percent of all identity fraud.

Additionally, fraudsters increasingly turned to eBay, PayPal, and Amazon with the stolen information, making purchases online at a higher rate than the previous year, Javelin says.

Quick tips in protecting your data and personal information (via Forbes):

1. Only Make Purchases On Trusted Sites
Sticking with trusted, well-known online retailers, or smaller sites that use reputable payment processors like PayPal or Google Checkout. You should always make sure to look for the padlock icon on the bottom of your browser to verify that the page is safe.

2. Order Your Credit Report
Your credit report allows you to see whether someone has opened new accounts under your name.

3. Know How To Spot Phishing
Phishing is a technique used by identity thieves to get your sensitive information by pretending to be a site you trust. When logging into these accounts, make sure that you’re not being asked for any information that you usually wouldn’t be required to provide to log in. Social security numbers and addresses are often red flags. Also, check the url of the site.

4. Secure Your Network
If you have a wireless network at home or work, make sure that you secure it. A hacker can gain access to anything you do over an unsecured network in a matter of seconds. If you look at the documentation for your wireless router, you’ll be able to find out how to lock your router and encrypt your information. It won’t affect the way you use your wireless network, but it will keep intruders from getting a hold of your information.

5. Can the Spam
Be very leery of “spam” (or junk e-mail) that works its way into your inbox. Not only are these messages often from phishers, but they can also contain Trojan horses (viruses) that can get into your computer and send your information back to their unsavory creators. If you have the option, install spam-filtering software (or ask your e-mail provider whether it can add spam-filtering to your account). Not only will this cut back on going through your daily pile of junk e-mail, it can also keep your data safe.

6. Don’t Store Sensitive Information On Non-Secure Web Sites
As more and more useful Web applications start springing up (like Backpack, Facebook and Google Calendars), it’s important to make sure that you’re not storing sensitive data on non-secure Web sites.

7. Set Banking Alerts
Setting alerts for your accounts for unauthorized accesses.

8. Don’t Reuse Passwords
As tempting as it may be to reuse passwords, it’s a really good practice to use a different password for every account you access online. It may take a little more organization to use different passwords for each site, but it can help marginalize the effects of unauthorized access to your accounts.