Major Data Theft Leads to Major Legal ProblemsBy Deborah Gage | Posted 2005-12-13 Email Print
Learn How a Virtual Networking Approach Can Strengthen the Security of Federal Networks REGISTER >
ChoicePoint's security and accuracy snafus prompt lawsuits.
Choicepoint, the Alpharetta, Ga.-based data broker, became a synonym this year for problems with keeping data secure and accurate.
In February, ChoicePoint admitted that it was fooled into selling personal information on 145,000 people to Nigerian identity thieves posing as small businesses.
In November, the company disclosed in a regulatory filing that the number of affected people had climbed to 162,000. ChoicePoint also uncovered other instances of fraud while investigating the identity thefts committed by the Nigerians, the company said in a statement published in September.
In that statement, ChoicePoint said it notified 5,054 people that it had lost control of IDs and passwords belonging to the Miami-Dade County Police Department, an accredited insurance company, and private investigation firm RPM & Associatesall legitimate ChoicePoint customers. As a result, according to ChoicePoint, personal information may have been exposed.
In addition, ChoicePoint said it notified 126 people that their personal information may have been exposed by two men, who were believed to have used their ChoicePoint IDs and passwords to access information on people whose names were similar to their own in order to commit identity crimes. They were arrested, ChoicePoint said in the statement, and three of their victims had been contacted by law enforcement.
Meanwhile, ChoicePoint is defending itself against lawsuits related to the thefts announced in February. Other government agencies, including the Federal Trade Commission, are conducting inquiries, and Congress is considering bills to regulate the privacy and security of data, although Democrats complain that the bills under consideration are not as tough as current state laws.
Baseline also found that ChoicePoint had problems with data accuracy. The cover story in the June issue of Baseline ("Blur," p. 36) highlighted a half-dozen lawsuits, some dating back to the 1990s, against ChoicePoint in which people claimed to have suffered because of bad data.
For instance, in January 2002, Steven Calderon, a security guard for Fry's Electronics, spent a week in a California jail. Why? A ChoicePoint subsidiary, The Screening Network, provided Fry's with a background check erroneously identifying Calderon as a felon; Fry's called the Anaheim police and had Calderon arrested. ChoicePoint was dismissed from the Calderon case in 2003, and Fry's settled it.
More recently, this September, ChoicePoint signed a confidential settlement agreement with Barbara and Robert Burkhead, and their case against the data broker was dismissed. Robert, a retired assembly line worker, had sued in 2004 claiming that ChoicePoint's CLUE (Comprehensive Loss Underwriting Exchange) database had generated erroneous accident reports on him for six years, which made his car insurance premiums unaffordable.