Compliance Management

ChoicePoint settles with 44 states over 2005 breach

ChoicePoint, the data broker hit with the largest fine in Federal Trade Commission (FTC) history, has now settled with 44 states over a 2005 breach that compromised the personal information of 163,000 people.

The Atlanta-based company agreed to pay $500,000 to the states, in addition to adopting new security controls, including more stringent credentialing requirements when considering new clients - businesses, government agencies or nonprofits - who want access to ChoicePoint’s stockpile of consumer information.

The agreement, announced Thursday by the attorneys general of a number of states, is the most recent fallout resulting from ChoicePoint’s failure to adequately protect private information from hackers posing as customers, who illegally accessed a database.

Matt Furman, a ChoicePoint spokesman, told SCMagazine.com today that the settlement - which resulted out of an investigation launched by the attorneys general of 43 states and the District of Columbia - is another voluntary step the company is taking to rid itself of the stigma caused by the breach. The ChoicePoint incident is widely considered the watershed event in information disclosure.

"It's consistent with our efforts to make our security procedures even stronger," Furman said. "We want to make sure customers are who they say they are."

Attorneys general said the agreement will help further protect the nation's citizens.

"This settlement should set a new standard for any company entrusted with private, personally identifiable information," Connecticut Attorney General Richard Blumenthal said in a statement. "Data collection firms hold the key to our financial worlds – data that can irreversibly unlock our personal vault and expose us to identity theft."

The FTC has identified about 1,400 ChoicePoint fraud victims, who will be reimbursed for costs associated with identity theft. Early last year, the agency slapped ChoicePoint with a record $15 million penalty for shoddy data protection - $5 million of which will go to customer redress.

"Identity theft is one of the nation’s fastest growing criminal enterprises," Texas Attorney General Greg Abbott said Thursday in a statement. "With businesses and consumers losing billions of dollars each year, law enforcement must aggressively crack down on identity theft."

A ChoicePoint spokesman could not immediately be reached for comment.

Get more IT security news. Click here for SC Magazine Blogs..

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.