ChoicePoint (Quote, Chart) will discontinue its sale of products that contain Social Security numbers, drivers licenses and other sensitive data as a result of a major database breach.
Adding to those woes, the Securities and Exchange Commission is investigating stock sales made by its top two executives after the breach. CEO Derek Smith and President Douglas Curling made a $16.6 million profit before the breach was made public.
ChoicePoint said in a statement it will continue to support consumer transactions where the data is needed to nurture relationships, such as insurance, employment and tenant screening. It will also provide authentication or fraud prevention tools to governments and large corporate customers where consumers have existing relationships.
The decision to curtail sales of services and products is expected to significantly reduce 2005 core revenues by $15 million to $20 million. The transition will begin immediately and is expected to be completed within three months.
"These changes are a direct result of the recent fraud activity, our review over the past few weeks of our experience and products, and the response of consumers who have made it clear to us that they do not approve of sensitive personal data being used without a direct benefit to them," said Smith.
The transition comes after the personal information of more than 145,000 people, including 35,000 Californians, was tapped late last year. ChoicePoint discovered the breach after determining some requests for names, Social Security numbers and other information were fraudulent.
In the ensuing months, the company discovered nearly 50 fraudulent accounts posing as legitimate businesses. The company later notified California consumers that their information may have been accessed, as required by California Senate Bill 1386. As many as 750 consumers were confirmed to have been directly affected.
"We apologize again to those consumers that may be affected by the fraudulent activity," Smith said. "We remain committed to helping them take active steps to protect their personal data and to assisting law enforcement officials who are investigating the attacks on consumer's identities."
Enterprise Strategy Group analyst Brian Babineau said ChoicePoint's move was "absolutely" necessary and that the case could spark a greater market for database security.
"It's a necessary one until they can find out a better way to secure their Web services and Web commerce business," Babineau said. "Now we're starting to see companies scale back what they can sell for product and what they can't because of the security implications. Once you present it as a Web layer, you open up more possibilities for infiltration."
The ChoicePoint issue, along with the recent revelation by Bank of America that it lost storage tapes containing the personal information of U.S. senators, has reverberated throughout the government.
Yesterday, a group of Democratic U.S. lawmakers called for a federal investigation on how terrorists could use information from commercial databases. The lawmakers argued that foreign terrorists could use information from commercial databases like ChoicePoint's to obtain identification that would help them get into the United States.
Moreover, two federal bills prompted by the security breach were introduced yesterday in the Senate and House of Representatives. The proposals would require information brokers to provide consumers with access to personal information.
ChoicePoint Stops Selling Some of Your Info
