ChoicePoint Stops Selling Some of Your Info


ChoicePoint will discontinue its sale of products that
contain Social Security numbers, drivers licenses and other sensitive data
as a result of a major database breach.


Adding to those woes, the Securities and Exchange Commission is
investigating stock sales made by its top two executives after the breach.
CEO Derek Smith and President Douglas Curling made a $16.6 million
profit before the breach was made public.


ChoicePoint said in a statement it will continue to support consumer
transactions where the data is needed to nurture relationships, such as
insurance, employment and tenant screening. It will also provide
authentication or fraud prevention tools to governments and large corporate
customers where consumers have existing relationships.


The decision to curtail sales of services and products is expected to
significantly reduce 2005 core revenues by $15 million to $20 million. The
transition will begin immediately and is expected to be completed within
three months.


“These changes are a direct result of the recent fraud activity, our review
over the past few weeks of our experience and products, and the response of
consumers who have made it clear to us that they do not approve of sensitive
personal data being used without a direct benefit to them,” said Smith.


The transition comes after the personal information of more than 145,000
people, including 35,000 Californians, was tapped late last year.
ChoicePoint discovered the breach after determining some requests for names,
Social Security numbers and other information were fraudulent.


In the ensuing months, the company discovered nearly 50 fraudulent accounts
posing as legitimate businesses. The company later notified California
consumers that their information may have been accessed, as required by
California Senate Bill 1386. As many as 750 consumers were confirmed to have been directly affected.


“We apologize again to those consumers that may be affected by the
fraudulent activity,” Smith said. “We remain committed to helping them take
active steps to protect their personal data and to assisting law enforcement
officials who are investigating the attacks on consumer’s identities.”


Enterprise Strategy Group analyst Brian Babineau said ChoicePoint’s move was
“absolutely” necessary and that the case could spark a greater market for
database security.


“It’s a necessary one until they can find out a better way to secure their
Web services and Web commerce business,” Babineau said. “Now we’re starting
to see companies scale back what they can sell for product and what they
can’t because of the security implications. Once you present it as a Web
layer, you open up more possibilities for infiltration.”


The ChoicePoint issue, along with the recent revelation by Bank of America that it lost storage tapes containing the personal
information of U.S. senators, has reverberated throughout the government.


Yesterday, a group of Democratic U.S. lawmakers called for a federal
investigation on how terrorists could use information from commercial
databases. The lawmakers argued that foreign terrorists could use
information from commercial databases like ChoicePoint’s to obtain
identification that would help them get into the United States.


Moreover, two federal bills prompted by the security breach were introduced
yesterday in the Senate and House of Representatives. The proposals would
require information brokers to provide consumers with access to personal
information.

News Around the Web