Close Sign Up Share Page Print Take Poll Provide Feedback

Sign Up

Share Page



Oklahoma State Victim Resources:

Attorney General
Phone: (405) 521-3921

Oklahoma Department of Public Safety

Legal Assistance in Oklahoma

Free Legal Self Help Forms Online

Agencies that offer assistance to IDT victims:

Legal Aid Services of Oklahoma, Inc.                                                               
Program Phone: (405) 488-6768   
Legal Assistance: (800) 421-1641

Oklahoma Indian Legal Services, Inc.                                                               
Program Phone: (405) 943-6457   
Legal Assistance: (800) 658-1497

Security Freeze Law:

All Oklahoma consumers are allowed to place security freezes on their consumer credit reports to prevent new accounts from being opened in their names. Such a freeze enables the consumer to prevent anyone from looking at his/her credit file for the purpose of granting credit unless the consumer chooses to allow a particular business look at the information. To request a freeze, a consumer must request one in writing by certified mail. Consumer reporting agencies may charge a fee of $10 to place or temporarily lift a security freeze. However, victims of identity theft with a valid investigative or incident report or complaint with a law enforcement agency about the unlawful use of the victim's identifying information by another person and people 65 years of age or older may not be charged.

The reporting agency must place the freeze within five business days after receiving the request, and within ten days of receipt of the request, must send a written confirmation of the freeze and provide the consumer with a unique personal identification number or password to be used by the consumer when providing authorization for the release of his credit for a specific party or period of time. Requests for a temporary unlocking of the freeze must be completed within three business days.
Statute: §24:149-159:
(must use the "Next Section" link on the red menu bar at the top of the page to move through the eleven sections).

How to Place a Security Freeze:

Mandatory Police Report Law for Identity Theft Victims:

Even if the jurisdiction may lie elsewhere for investigation and prosecution of a crime of identity theft, victims of identity theft have the right to contact the local law enforcement agency where the victim resides and have an incident report about the identity theft prepared and filed. The local law enforcement agency that prepares and files the incident report must, upon request, provide the victim with a copy of the incident report. The law enforcement agency may share the incident report with law enforcement agencies located in other jurisdictions. An incident report prepared and filed pursuant to this section shall not be an open case for purposes of compiling open case statistics.
Statute: §1533.3:

Identity Theft Passport Law:

Victims may apply for an identity theft passport, which can be presented to law enforcement to help prevent arrest or detention for an offense committed by another person. (Financial institutions are not required to honor an identity theft passport as proof of identity or proof of identity theft). The Oklahoma State Bureau of Investigation, which administers the program, notifies the state Department of Public Safety whenever a passport is issued and shares the passport records with law enforcement agencies upon request. The records are available only to law enforcement and are sealed to the public.

To obtain a passport, victims apply to the Oklahoma State Bureau of Investigation (OSBI), and must:

  • Obtain and submit an Order of Expungement; or
  • Submit a copy of an identity theft report, filed with a federal, state, or local law enforcement agency, indicating the report of the applicant being a victim of identity theft; a copy of an identity theft affidavit that was submitted to one or more of the three national recognized consumer reporting agencies; and a copy of the certified mail delivery receipt showing the affidavit was received by the reporting bureaus.

Passport Application Form:

Statute: §22:19b:

Identity Theft Laws:

It is unlawful for any person to "willfully and with fraudulent intent" obtain certain personal identifying information about another with the intent to obtain or attempt to obtain money, credit, goods, property, or service in the name of the other person without his/her consent. This identifying information includes: the name, address, social security number, date of birth, place of business or employment, debit, credit or account numbers, driver license number, or any other personal identifying information of another person, living or dead.

State law also prohibits a person from willfully creating, modifying, altering, or changing any personal identifying information of another person with fraudulent intent to obtain any money, credit, goods, property, service or any benefit or thing of value, or to control, use, waste, hinder or encumber another person's credit, accounts, goods, property, title, interests, benefits or entitlements without the consent of that person. Identity theft is a felony offense punishable by one to five years in prison and/or a fine of up to $100,000.
Statute: §21:1533.1:

Other Related Laws:


Victims may apply for an expungement of their criminal records if the criminal acts were committed by someone who has assumed their identity. Expungement is available for a person who has been charged or arrested or is the subject of an arrest warrant for a crime that was committed by another person who has appropriated or used the person's name or other identification without the person's consent or authorization.
Statute: §22:18(9):

Security Breach

State law requires businesses and state government agencies that own or license computerized data that includes personal information to disclose any breach of security of the system to any resident whose unencrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person. The disclosure shall be made in the most expedient time possible and without unreasonable delay, consistent with the legitimate needs of law enforcement, or any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.

Personal information is defined as an individual's first name or first initial and last name in combination with and linked to any one or more of the following data elements, when the data elements are neither encrypted nor redacted: Social Security number; driver's license number; or a financial account number, or credit or debit card number, in combination with any required security code, access code, or password that would permit access to the individual's financial account. It does not include publicly available information that is lawfully made available to the public from federal, state, or local government records. Notification can be provided by mail, e-mail, or telephone. If the cost of providing regular notice would exceed $50,000, the amount of people to be notified exceeds 100,000, or the entity does not have sufficient contact information to provide written or electronic notice, substitute notice may be provided. When substitute notice is used, it must consist of any two of the following: e-mail notice, conspicuous posting on the agency's web site, and notification to major statewide media.
Statute: §24:161 through 165:
(must use the "Next Section" link on the red menu bar at the top of the page to move through the sections).


State law prohibits phishing, a form of identity theft when someone sends an e-mail that looks official but is used to trick the recipient into giving away personal information that can be used to access a person's financial accounts or obtain goods and services. The law prohibits a person from knowingly sending e-mails that falsely represent another legitimate business and prohibits linking or sending the e-mail recipient to a false Web page in order to collect identifying information. It is also unlawful to obtain identifying information from the e-mail recipient, directly or indirectly, for activities the recipient thinks is valid.

State law allows Internet providers and legitimate Web page or trademark owners to file civil actions against violators. The penalties include injunctive relief to stop the violator and allows those damaged by the violations to recover either actual damages or $100,000 for each violation, whichever is more, plus reasonable attorney fees and court costs. A court can increase the award on actual damages to not more than three times the actual damage if the court finds the violations establish a pattern.
Statute: §15.776.8 through 776.12:
(must use the "Next Section" link on the red menu bar at the top of the page to move through the five sections)

Statute: §15.776.1:

Caller Identification Fraud

Under state law, a caller may not knowingly insert false information into a caller identification system with the intent to mislead, defraud or deceive the recipient of a telephone call. A caller identification system means a listing of a caller's name, telephone number, or name and telephone number that is shown to a recipient of a call when the recipient answers. This provision does not apply to any blocking of caller identification information; any law enforcement agency, or any intelligence or security agencies of the federal government. Violations are a misdemeanor, punishable by up to one year in county jail and/or a fine up to $10,000.
Statute: §15.776.20 through 776.23:
(must use the "Next Section" link on the red menu bar at the top of the page to move through the four sections)

Payment Cards

It is a misdemeanor for a person to knowingly use or attempt to use a credit or debit card that has not been issued to him/her or which is not used with the consent of the person to whom the card has been issued to obtain credit; purchase goods, property, or services; for the purpose of obtaining cash advances; or to deposit, obtain, or transfer funds. Violations are punishable by up to thirty days in jail and/or a fine up to $500, if the amount of the credit or purchase or funds deposited, obtained, or transferred is under $500. If it is over $500, it is punishable by up to one year in jail and/or a fine up to $1000.
Statute: §21:550.2:

It is illegal for any person to try to obtain credit or purchase goods, property or services, cash advances, or obtain or transfer funds by knowingly using or attempting to use in person, by telephone, or by the Internet, a credit or debit card that has not been issued to him, is used without consent of the owner, or is false, counterfeit, or nonexistent. If the amount of credit, purchase, or funds obtained transferred is under $500, it is a misdemeanor punishable by up to one year in jail and/or a fine up to $1000. If the amount is over $500, it is a felony punishable by up to five years in prison and/or a fine up to $5000.
Statute: §21.1550.2:

Financial Institutions

It is a felony, punishable by up to ten years in prison, for any person to obtain or attempt to obtain another person's personal, financial, or other information of a financial institution by means of a false or fraudulent statement made to an employee of the institution, or to present false or fraudulent information to obtain information or commit a crime.
Statute: §21-1533.2:


State law provides that restitution to the victim of identity theft may be ordered in addition to any criminal penalty imposed by the court.
Statute: §21.1533.1:

Civil Suits

Victims may also bring a civil action for damages against any person participating in furthering the crime or attempted crime of identity theft.
Statute: §21.1533.1:


Information gathered from sources including Identity Theft Resource Center and Identity Crime in partnership with International Association of Chiefs of Police and Bank of America.