44 State AGs Settle with ChoicePoint Over Information Privacy Breach
Attorneys general from 44 states have signed an agreement with a Georgia-based company that distributes consumers’ personal information to settle allegations that the company failed
to adequately maintain the privacy of that information.
The company, ChoicePoint, provides personal identification information and credential verification services to insurers and other businesses, government and non-profit organizations.
In February 2005, ChoicePoint announced that criminals, posing as legitimate businesses, gained access to consumers’ personally
identifiable information. Following that breach, the company used the
California breach notification law as a guide and mailed more than 145,000 notices to consumers across the country whose information may have been viewed or acquired by the criminals.
As part of the agreement, ChoicePoint will make changes in the way it
grants credentials to new customers who have access to personally
identifiable information. Certain sensitive information available to the
public, including Social Security numbers, will now receive greater
protection.
Nationally, about 750 people were victimized by identity theft related to the breach, according to the attorneys general.
ChoicePoint will also pay $500,000 to the states under the settlement.
According to officals, the agreement marks the first time a data broker has agreed to safeguard publicly available information using the same credentialing methods that it uses to safeguard financial information protected by law.
“This agreement is a landmark achievement in the fight to protect an
individual’s personal information,” said Florida Attorney General Bill McCollum. “Identity theft is the crime that often never stops victimizing its target, stealing not only their money but also their good name.”
Consumers who suffered expenses relating to identity theft that
resulted from the ChoicePoint breach may obtain redress under a 2006
Federal Trade Commission Order that required the company to pay $5 million into a fund for consumer reimbursement. The deadline to submit a redress claim form to the FTC is June 22, 2007. If consumers meet the eligibility requirements for redress, they can complete the redress form and submit that for consideration. More information is available at:
http://www.ftc.gov/bcp/conline/cases/choicepoint/index.shtm.
The states signig the settlement are: Alabama, Alaska, Arizona,
Arkansas, California, Colorado, Connecticut, Delaware, Florida, Hawaii, Idaho, Illinois, Indiana, Iowa, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Minnesota, Mississippi, Missouri, Montana, Nebraska, Nevada, New Jersey, New Mexico, New York, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, South Dakota, Tennessee, Texas, Vermont, Virginia, Washington, West Virginia, Wisconsin and the District of Columbia.
- US High Court Declines Appeal, Upholds Coverage Ruling on Treated Wood
- Verisk: A Shift to More EVs on The Road Could Have Far-Reaching Impacts
- T-Mobile’s Network Breached as Part of Chinese Hacking Operation
- PE Firm Cornell Sued Over $345 Million Instant Brands Dividend