ChoicePoint Data Theft Worse Than Initially Reported

As I originally suspected the ChoicePoint fraud case has expanded to a national scope. The Associated Press is reporting that half a million people across the United States may have had their information stolen. Attorneys general from 38 states have demanded that ChoicePoint warn any victims in their states, beyond those in California. So far a 41-year-old Nigerian, Olatunji Oluwatosin, has been sentenced to 16 months in jail. According to AP, Oluatosin "was arrested on Oct. 27 when ChoicePoint faxed him some paperwork at a Kinko's store in a sting operation. He pleaded no contest and did not agree to help authorities in the probe."

Politicians are getting angry, according to AP: "On Wednesday, Sen. Dianne Feinstein, D-Calif., called for hearings on her proposed national version of the California law, while Sen. Bill Nelson, D-Fla., asked federal regulators Friday to oversee data-brokering companies the same way they do other companies that handle financial and medical records. New York state legislator James Brennan asked his state to suspend an $800,000 ChoicePoint contract until the company agreed to warn any New York residents whose data might have been exposed."

Suspend until ChoicePoint sends a letter? How about cancelling the contract instead?

Update: Check out this great quote by Adam Shostack:

I hope Richard, at TaoSecurity, takes Choicepoint to IDS kindergarden.

Comments

Anonymous said…
Thank you for blogging this. Illinois' Gov. Rod Blagojevich has done nothing. Illinois' AG. Lisa Madigan sent a letter to ChoicePoint. The citizens don't know anybody that have been harmed by this, so the politicians focus on video games, casinos, and :s/illegal aliens/immigrants/g.
Anonymous said…
What makes such things even more "interesting" is the fact that any minor problem being revealed, triggers even deeper scrutiny, both from the white hat community, as well as - probably - from the black hat one. So brace for much more, in the days to come :(

Popular posts from this blog

Zeek in Action Videos

New Book! The Best of TaoSecurity Blog, Volume 4

MITRE ATT&CK Tactics Are Not Tactics