Anndorie Sachs had her life turned upside down when authorities showed up at her door in Salt Lake City and threatened to take her four children away - all because another woman had stolen her identity and given birth to a baby who tested positive for drugs.
When CBS News first reported her story back in 2006, it was estimated that 200,000 Americans each year were the victims of what is called medical identity theft, but in the years since, the problem has gotten dramatically worse. According to a recent report by the Ponemon Institute, an independent research organization specializing in privacy and security issues, the number of victims grew to 1.85 million in 2013 - a 19 percent jump from the year before.
"In the criminal world, medical identity theft is now the low-hanging fruit," says Ann Patterson, the program director of the Medical Identity Fraud Alliance, which sponsored the Ponemon report.
Patterson told CBS News' Crimesider that while financial institutions like banks and credit card companies have created protections for their account holders, the health care industry lags behind, making medical data particularly vulnerable.
And unlike bank or credit card fraud, which can be detected with a credit report, there is no easy way for people to know when their identity has been stolen and used to get medical services.
"Typically, people don't discover they've been victimized until there is a bill that goes to collections. And it could be that the damage is already done to your medical file," says Steve Toporoff, an attorney in the division of privacy and identity protection with Federal Trade Commission.
According to Marie-Helen Maras, an associate professor at John Jay College of Criminal Justice and the author of "Computer Forensics: Cybercriminals, Laws and Evidence," thieves can use your personal information to get health insurance in your name, obtain prescriptions, even check into the hospital to give birth or have surgery.
"The impact of medical identity theft can be even more dire than financial identity theft," says Toporoff.
Yes, you might be billed for a procedure you didn't actually get, but that's not the only potential consequence. You could also end up being given the wrong blood type if you're in a car accident, or lose your insurance coverage because someone else maxed out your benefits. According to the Ponemon report, 15 percent of the medical identity theft victims surveyed reported that the theft had created misinformation in their medical records that led to a misdiagnosis, and 14 percent said they experienced a delay in care.
Because there is no central repository for medical data, there isn't a single place to alert health care providers like doctors and hospitals that you've been victimized and that someone might be masquerading as you.
"Victims have to go provider by provider and wait until it pops up again," says Eva Velasquez, the president and CEO of the non-profit Identity Theft Resource Center.
According to the Ponemon report, victims of medical identity theft spent an average of just over $18,000 in legal fees, payments to healthcare providers and other related expenses to get their financial and medical records straightened out after being victimized.
To make matters worse, the Medical Identity Fraud Alliance's Patterson says that police don't tend to investigate individual instances of medical identity theft; instead they focus on finding patterns in an area that might lead to an organized crime group.
"Police aren't necessarily going to put resources toward investigating the $5,000 surgery you didn't have," she says.
So, if a lone thief steals your identity and starts using it to get medical care, chances are he or she could get away with it - at least for now.
Patterson says the one area of medical identity theft where law enforcement has taken significant action is Medicare fraud, because it involves taxpayer dollars. She told Crimesider that she hopes the health care industry will band together and tackle the growing problem.