Wisconsin Lawyer
Vol. 80, No. 8, August 2007
ChoicePoint Inc. is the "poster child" for data security breaches, having managed to suffer every kind of data security breach-related damage. This data broker discovered in October 2004 that it had been duped into turning over to thieves private data on more than 145,000 people. The company did not notify affected data subjects until February 2005. This created mountains of adverse publicity. An April 2007 Google search for "ChoicePoint and data breach" returned, ironically, 145,000 hits.
ChoicePoint reportedly:
- Spent $2 million to notify consumers and $9 million on legal and consulting fees. See ZDNet News, July 20, 2005 (visited Mar. 30, 2007).
- Lost $15- $20 million in sales. See MSN, March 4, 2005 (visited Mar. 30, 2007).
- Paid the FTC a $10 million fine plus $5 million to compensate consumers for expenses.
- Must submit to external security audits every two years for the next 20 years.
- Suffered a 22 percent stock price decline. Case Study: ChoicePoint Incident Leads to Improved Security, Others Must Follow, Gartner RAS Core Research Note, G001427771 (Sept. 19, 2006). (visited Apr. 11, 2007)
Wisconsin Lawyer