Consumer information sold to ID thieves

145,000 are thought to be victims

ChoicePoint CEO not seen since theft

February 19, 2005|By COX NEWS SERVICE

ATLANTA - Data-brokering company ChoicePoint Inc. unwittingly sold personal information on at least 145,000 consumers to identity thieves, and is trying now to notify people whose records have been breached.

ChoicePoint said the thieves, posing as legitimate businessmen, obtained enough personal data about the consumers to provide a ready-made identity-theft kit.

The Alpharetta, Ga.-based company, in suburban Atlanta, said it has notified 35,000 consumers in California about the theft. But another 110,000 in the rest of the country won't know if their records were breached for several more days - when ChoicePoint sends letters to the affected customers telling them their identities have been breached.

ChoicePoint spokesman Chuck Jones said the company does not yet know the names and residences of those whose records were breached, but it expects to have the information "in the next few days."

Then a three- or four-day notification process will begin.

"The bottom line is that if a consumer has been impacted, they will receive a letter from ChoicePoint," Jones said. "If they do not get a letter, they can feel comfortable they were not impacted."

Yesterday, the Los Angeles task force in charge of a criminal investigation of the theft in California confirmed that at least 700 people had their identities stolen during what it said was a yearlong scam by unknown con artists who had signed up as clients of ChoicePoint.

Robert Costa, a sheriff's lieutenant and the task force leader, said the number of people vulnerable to identity theft in the case could reach 500,000.

The volume of data compromised was so huge that deputies are almost certain that a 41-year-old Nigerian man sentenced Thursday to 16 months in jail in the fraud did not act alone. Olatunji Oluwatosin was arrested when ChoicePoint faxed him some paperwork at a Kinko's store in a sting operation. He pleaded no contest and did not agree to help authorities in the probe.

Also yesterday, attorneys general in 38 states - including Maryland - have joined in an open letter to ChoicePoint demanding that the company notify anybody in their states affected by the security breach that they may be vulnerable to identity theft.

Specifically, the attorneys general want ChoicePoint to provide "as much detailed information as possible about the breach and when it occurred." They also told ChoicePoint to urge consumers "to check their credit reports for new accounts or suspicious activity."

Its Web site - - contains a brief explanation of the incident. But Jones said the company had not established a designated team or telephone number for callers who want to know if their accounts had been tampered with.

Experts say there was nothing consumers could have done to prevent the theft. The criminals used business accounts ChoicePoint believed to be legitimate to obtain the information, including names, addresses, Social Security numbers, criminal histories and credit data.

"Unfortunately, sometimes you can play by all the rules and you still get caught up in a situation like this," said Bill Cloud, a spokesman for the Georgia Governor's Office of Consumer Affairs, which routinely receives reports of identity theft - in which a criminal assumes someone's identity, then makes purchases or takes out loans.

The breach was discovered in October. But ChoicePoint said law enforcement officials asked them to delay revealing the intrusion.

Meanwhile, ChoicePoint's chairman and chief executive, Derek V. Smith, has been conspicuous in his absence this week as the company faces a public relations nightmare. Smith is the author of a book on personal security, A Survival Guide in the Information Age: 145 Important Tips to Protect You and Your Family.

Smith has cultivated an image as an information guru through speeches and interviews - including one last month on ABC's Nightline. But since news of the crisis broke, he has made no public statements and has declined interview requests.

"Derek being the chairman and CEO, I can see why people would want to talk with him," Jones said yesterday. "But he's really our strategy person, not the spokesman for this."

Baltimore Sun Articles
Please note the green-lined linked article text has been applied commercially without any involvement from our newsroom editors, reporters or any other editorial staff.