ChoicePoint just won’t be outdone. They were, after all, the company that started all the extensive attention on data security breaches. Back in February 2005, ChoicePoint announced that it had improperly sold personal data on about 145,000 people to identity thieves. Pursuant to a California data security breach notice law, ChoicePoint notified the affected individuals in California. Soon afterwards, many states started thinking: Geez, we’d like our citizens to be informed too. They put up a fuss, and ChoicePoint voluntarily agreed to notify all of the 145,000 people it said were affected. Many states subsequently passed data security breach notification laws similar to California’s.
There’s been a ton of media exposure about security breaches at major companies. Most recently, Time Warner admitted it lost data on 600,000 current and former employees. Bank of America Lost data on over 1 million people. ChoicePoint sold personal information on about 145,000 people to identity thieves. And Lexis Nexis had data on about 310,000 people improperly accessed. USA Today adds it all up and concludes: