I’m so freaking sick of today’s headlines claiming that “hackers” somehow broke into ChoicePoint’s (obscenely comprehensive) consumer databases and obtained information which allowed them to then steal people’s identities. This is a story that’s been discussed on Dave Farber’s Interesting People mailing list since yesterday, and the truth of the matter — reported correctly only by MSNBC thus far — is that a group of criminals managed to create fake businesses and then set up entirely valid accounts with ChoicePoint in the name of those businesses, and then obtained the information about consumers via those accounts.

Notice the difference? If it’s reported that nefarious hackers broke into ChoicePoint and stole the data, then ChoicePoint comes out looking like a victim. On the other hand, if it’s reported that the failure was in ChoicePoint’s internal mechanisms for verifying the validity of an account application, the existence of the company behind that application, and the right of that company to obtain credit information, then ChoicePoint is revealed as a remarkably large part of the problem. Add to that the fact that ChoicePoint is only notifying consumers in the one state that requires them to (hell, there isn’t even a note about it on the company’s news release page), and doing so four months after they sold consumer data to criminals, and the story truly does take on a different character.

Comments and TrackBacks

I fully agree with you. Yesterday on FOX they stated 145,000 victims. If only 35,000 were notofied, what about the other 110,000. I am so glad I have Identity Theft Shield. I pity those who don’t.

• Posted by: Eva Holding on Feb 18, 2005, 11:52 AM

This is the story that gives me an excuse to name Paris Hilton here at MaisonBisson. Here’s a fact of 21st century life: pieces of our life that, taken one by

• Pinged by MaisonBisson.com on Feb 21, 2005, 10:26 PM

Seemed like I stirred up some trouble in my last blog entry on IT security professionals. Guess some folks are offended that I referred to them as big fat idiots who are doing a disservice to the industry by blogging…

• Pinged by Thinking Out Loud: Thought Leadership from an Enterprise Architect on May 3, 2005, 6:53 AM
Please note that comments automatically close after 60 days; the comment spammers love to use the older, rarely-viewed pages to work their magic. If comments are closed and you want to let me know something, feel free to use the contact page!