Has anyone ever had their RFID passport hacked and their identity stolen?

While there have been demonstrations of how RFID passports can be hacked and cloned, there are no widely reported cases of individuals having their identity stolen directly from an RFID passport hack. However, several incidents highlight the vulnerabilities of RFID technology in passports:

1. Hacking Demonstrations: In 2006, Lukas Grunwald demonstrated how to clone an RFID passport chip by using publicly available standards from the International Civil Aviation Organization (ICAO) and a custom-made RFID reader45. Similarly, in 2009, Chris Paget showed how easy it was to capture data from US passport cards using RFID in a "drive-by" test2.

2. Security Concerns: The encryption keys used in RFID passports are based on easily obtainable information such as the passport number, date of birth, and expiration date, making them vulnerable to unauthorized access1. This could potentially allow for the creation of cloned passports, though not necessarily identity theft in the traditional sense.

3. Data Breaches: While not directly related to RFID hacking, there have been significant data breaches involving biometric data, such as the 2019 incident involving U.S. Customs and Border Protection (CBP), where traveler images were compromised due to a subcontractor's actions3. However, these breaches were not specifically due to RFID hacking.

In summary, while RFID passports have been shown to be vulnerable to hacking and cloning, there are no documented cases of identity theft specifically resulting from such hacks. The primary concerns are related to privacy and potential misuse of the technology rather than direct identity theft.