Ethics Newsline®

ATLANTA
ChoicePoint Inc., a firm that markets massive amounts of consumer data to private firms and the government, was named last week in a lawsuit stemming from the company’s recent disclosure that it had been duped into disclosing private information about at least 145,000 people.

ChoicePoint discovered the criminal breach last October, but kept quiet while cooperating with investigators, claiming that public disclosure would have hindered the probe. The company finally disclosed the problem last week, reported the Associated Press.

According to ChoicePoint, bandits posing as legitimate companies were given ChoicePoint accounts and passwords, granting them access to consumers’ names, addresses, Social Security numbers, credit reports, and other information for an estimated five months. One person has been arrested so far.

In a state-by-state breakdown of the estimated 145,000 people whose private data may have been hacked, ChoicePoint identified likely victims in all 50 states, the District of Columbia, and three U.S. territories.

The state with the highest number of possible victims was California, where information on more than 34,000 consumers may have been stolen and where last week’s lawsuit was filed.

The invasive attack on ChoicePoint’s massive database of 19 billion records not only put a dent in the company’s image, but may push federal legislators to improve privacy protection laws, noted the Seattle Post-Intelligencer.

ChoicePoint, whose stock price took a blow after the security failure was announced, last week said it is doing all it can to restore consumers’ trust and make amends, reported the Atlanta Journal-Constitution.

ChoicePoint said it will be revamping its internal security, will re-screen 17,000 business customers to ensure their validity, and will pay for a one-year subscription to a credit-monitoring service for all affected consumers.