Criminals may have stolen personal data of 35,000 Californians by
infiltrating computers at ChoicePoint Inc., a company that keeps
background information on virtually every U.S. citizen.
The electronic break-in raises the risk of widespread identity
theft, in which criminals drain bank accounts or run up big credit
card bills under other people's names. Six cases related to the
ChoicePoint case have already been reported in Los Angeles County,
according to the Associated Press.
ChoicePoint of Alpharetta, Ga., sent letters to the 35,000
potentially affected people last week, warning them that their
personal data may have been illegally accessed. Only Californians are
believed to have been affected, the company said.
ChoicePoint was informed of the intrusion by law enforcement in
October. It waited to tell consumers, as is required by law in
California, at the request of authorities so as not to interfere with
their investigation.
On Oct. 27, California sheriff deputies arrested Olatunji
Oluwatosin, 41, when the Nigerian national went to his Los Angeles
office to receive a fax ostensibly from ChoicePoint, the Associated
Press reported.
He's been in jail since then and is scheduled to appear in Los
Angeles County Court on Thursday.
Robert Costa, the lieutenant in charge of Southern California's
High Tech Task Force Identity Theft Detail, said agents believe
several other people were involved.
"We believe that this is probably a pretty large,
sophisticated ring and unfortunately all we got was a shard of
glass," Costa told the Associated Press. "It definitely
could not have been limited to Southern California."
The criminals gained access to ChoicePoint's computers by posing as
legitimate businesses, using stolen identities, ChoicePoint said. In
all, they created up to 50 different accounts.
"It's the kind of thing you can only catch after the
fact," said James Lee, chief marketing officer for ChoicePoint.
ChoicePoint keeps 19 billion public records on U.S. citizens. Data
include names, addresses, Social Security numbers and credit reports.
Insurance companies, government agencies, law enforcement and other
customers use the service for background checks, among other things.
ChoicePoint has warned those who received letters to review their
credit reports for unauthorized activity and any sign of identity
theft.
Lillie Coney, associate director for the Electronic Privacy
Information Center, a privacy watchdog group, said the break-in
illustrates the need for companies like ChoicePoint to be federally
regulated. They are not covered now by financial privacy laws that
apply to credit reporting agencies.
"It's unfortunate that this incident happened, but it
highlights the need to legislate the industry," Coney said.
Lee, from ChoicePoint, said his company welcomes regulation and
strict penalties for intentional misuse of personal data.
