The Atlanta company, which provides consumer data services to insurance companies, other businesses and government agencies, said the unidentified individuals posed as legitimate businesspeople in order to. Chuck Jones, a company spokesman, said that roughly 50 fraudulent accounts were set up by the schemers, through which they could view the data of California residents.
News of the crime first surfaced when ChoicePoint sent an e-mail to individuals potentially affected by the attack last week. Among the data available through the company's services, and possibly accessed by the criminals, are consumers' names, addresses, Social Security numbers and credit reports, Jones confirmed. However, he said it is nearly impossible to tell what information was.
"It's not easy to determine if anyone's info has been accessed; what has been determined is that some information could have been accessed," Jones said. "That is why ChoicePoint decided to notify people who may be impacted by this."
Jones said the company is working with federal, state and local law enforcement officials on the case, specifically the Los Angeles County Sheriff's office, U.S. Postal inspectors and the FBI. The officials have identified one case where data stolen in the scheme was used to commitbut have yet to offer more details on that incident.
The spokesman said ChoicePoint has already changed its procedures to prevent similar attempts to steal personal information but declined to comment on those policies. When individuals attempt to access their own information via the company's services, they are tested with a battery of detailed questions on their data to, Jones said.
The consumer data heist underscores the ease with which criminals can pose as lawful businesses towithout their knowledge. Jones said that ChoicePoint currently maintains 19 billion public records on U.S. residents.
Companies typically pay to access the data to create background profiles on customers applying for loans, insurance or even government jobs. Some experts have called for reform of privacy laws, many created as many as 30 years ago, that still govern the disclosure policies of companies such as ChoicePoint.
Jones said that ChoicePoint, which was spun off massive credit reporting house Equifax in 1997, hasn't experienced similar attacks in the past. However, the company has gone to great lengths to engender trust in the accuracy and security of its data, evenin 2000 to enhance the database it makes available to government and law enforcement agencies.