Slashdot Mirror
ChoicePoint Identity Theft Fallout Widens
dstates writes "A unique California law forced ChoicePoint to reveal that a break-in had compromised accounts revealing personal information on 40,000 southern californians and leading to more than 750 cases of identity theft. The company initially denied that the break-in compromised consumers outside of California, but CNN is now reporting that 110,000 accounts nationally have been compromised. 'The irony appears to be that ChoicePoint has not done its own due diligence in verifying the identities of those 'businesses' that apply to be customers,' said Beth Givens, director of the Privacy Rights Clearinghouse. 'They're not doing the very thing they claim their service enables their customers to achieve.'"
ChoicePoint: "Who goes there?"
Voice: "Thurston Howell III"
ChoicePoint: "A likely story!"
Voice: "Sherlock Holmes"
ChoicePoint: "We weren't born yesterday!"
Voice: "Landshark"
ChoicePoint: "That's better, here's 35,000 files, let us know if you need anymore."
A feeling of having made the same mistake before: Deja Foobar
Serirously- this isn't paperclips these people are selling ITS YOUR PERSONAL DATA. They need to be closed, and whoever responsible needs to go to jail- and everyone involved in covering up the crime deserves to live in poverty for the rest of their fucking lives.
Well, funny that you mention that. What computer cracker goes into a network and *only* steals the data for 1 state?? No one! Choicepoint was flat out lieing and being unfair to the consumer by stating that only California was affected. It was only when the heat was turned on them by the news media & the internet bloggers that they admitted that more people were affected & would be notified.
How does someone determine if Choicepoint had data on them?
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
What really upsets me is how they originally denied that anyone outside of California had their informaion comprimised.
If they did that, it would cost them business. That would cost them profit. They're a company. Next question?
Sometimes boldness is in fashion. Sometimes only the brave will be bold.
"leading to more than 750 cases of identity theft." I wonder how many total cases of identity theft this incident will cause.
The only way to know is to notify all people that had their identity stolen. All 50 states need to have a ID theft law like California.
Either way, how many more times do things like this need to occur before people will become widely convinced that companies such as these need to be more thoroughly scrutinized?
Freedom to fear. Freedom from thought. Freedom to kill.
I guess the War on Terror really is about freedom!
This is what you get when consumer information is obtained and stored behind a cloak of secrecy. This is what you get when privacy laws are not enforced or valued. This is what you get when the standard consumer is ignorant and apathetic to the importance of person information.
"The company initially denied that the break-in compromised consumers outside of California"
Did they actually deny that no one outside of California was compromised, or was it just that they weren't legally obligated to inform anyone outside of the state? From Monday's story, I got the distinct impression that it was the latter (i.e., no legal obligation), rather than outright deception. Regardless, it's still a really crappy thing to have happened.
(on a personal note, given that the break-in happened months ago, and i just got my yearly free credit reports from the 3 agencies and didn't see anything suspicious, I guess I'm a lucky SoCalifornian...)
I emailed Choicepoint demanding an explanation. here is the response:
From: CorpMktg.Communications@choicepoint.com
ChoicePoint was recently a victim of organized fraud, and we understand
this news may be cause for concern.
A very small number of criminals posed as legitimate companies in order to
gain access to personal information about consumers. When the fraud was
discovered, access to information was immediately discontinued and the
authorities were notified.
ChoicePoint has acted quickly to address the circumstances that led to the
unauthorized access, and we are committed to our core principles of working
to create a safer, more secure society through the responsible use of
information while ensuring the protection of personal privacy.
We are sending letters to affected consumers whose information may have
been accessed. If you do not receive a letter from us, you have not been
affected.
If you have not received a letter but are still concerned, here are some
actions you can take to help protect yourself from misuse of information.
If you think you have been the victim of identity theft, you should place a
fraud alert on your credit report by contacting any one of the three credit
bureaus listed below. As soon as one credit bureau confirms your fraud
alert, the other two bureaus will automatically be notified to place fraud
alerts on your credit report, and all three reports will be sent to you
free of charge.
Equifax
800-525-6285
P.O. Box 740241
Atlanta, GA 30374-0241
www.equifax.com
Experian
888-397-3742
P.O. Box 9532
Allen, TX 75013
www.experian.com
TransUnion - Fraud Victim Assistance Division
800-680-7289
P.O. Box 6790
Fullerton, CA 92864-6790
www.transunion.com
When you receive your credit reports, review them carefully. Look for
inquiries you did not initiate, accounts you did not open, and unexplained
debts on the accounts you did open. If there are accounts or charges you
did not authorize, immediately notify the credit bureau by telephone and in
writing.
You should also confirm that information such as your Social Security
number, address(es), first and last names, middle initial and employers are
correct. Errors in this information are often the warning signs of identity
theft, although some inaccuracies may be due to simple mistakes. If you
discover inaccuracies in your report, you should also notify the credit
bureau as soon as possible so the information can be investigated.
You should continue to check your credit reports frequently for the next
year to make sure no new fraudulent activity has occurred.
Finally, if you have discovered errors or suspicious activity on your
credit report, you should consider immediately contacting any credit card
companies with whom you have an account and inform them about the activity.
You should make sure they have your correct information on file and that
any changes to the account were made by you.
If you would like to learn more about your consumer information, you may
visit our consumer site at www.choicetrust.com.
Thank you,
ChoicePoint Corporate Marketing
Tell me one person who would be against putting these executives in JAIL. They were entrusted with data on almost every human being in the United States and they FAILED US. Get the stake, timbers, gasoline, and matches. Heaven knows I am ready for blood.
These kinds of California "sunshine" laws are also the only reason we found out about Enron before it took the whole US economy, not just Houston, down with it. Enron was required by California law, under their misnamed "deregulation" system, to open its books, because it was supplying a lot of energy to Californians. Enron refused, claiming that, as a Texas company, it was not under California jurisdiction. That was when Governor Davis famously asked the Federal Department of Energy to step in, to resolve this interstate conflict. The DOE refused to referee, and Davis eventually found other means to force open Enron's books. When they were reviewed, not only was $8B in California overcharges revealed, but the entire network of Enron debt-laundering was exposed. As well as the rest of their system-gaming that took them out.
California is far from perfect. But their 35M consumers are unusually well protected by laws in the public interest. The economy of California scale forces car makers around the country, and around the world, to comply with their higher standards. Perhaps we will see California's own self interest protect us from other scams like these, as we all get closer to the Golden State.
--
make install -not war
Be born in the USA and have done one or more of the folling things.
Have a Bank Account.
Have a Credit Card.
Have Medical Insurance.
Have Medical Bills.
Purchase service from an Utility Company.
If you answer yes to one or more of the above there is a 99+% chance they have records on you.
I love the way marketing companies have more access to my personal information than I do. Moreover, they're among the "legitimate" businesses who the company claims it sells information to -- any dick and harry spammer joint can be called a "marketing company". In other words, if you have enough money to pour down their gullet, you have the information.
The company says its records enable law enforcers to track down serial killers and have helped find 822 missing children.
Yeah, since they help children, they cannot be an irresponsible company.
"The topic of the responsible use of information is a vital one to our society ... we support a national debate on this very topic," ChoicePoint President Doug Curling said.
Classic tangential marketspeak response from the president.
An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam
Just wait for a letter from a law firm informing you that you are a member of the class action suit against ChoicePoint.
optional additional steps:
2. Do nothing.
3. Profit!!!
Well, I just got your credit report from the 3 agencies, and I feel obliged to tell you that with an average FICO score of 559, you probably shouldn't be calling yourself lucky.
500GB of disk, 5TB of transfer, $5.95/mo
Looks like their stock is still doing ok. Although that could change come Monday. Graph
Do really dense people warp space more than others?
Checkpoint Client Verification = Did the check clear? Is yes then WELCOME ABOARD!
I wonder if the choicepoint execs are included in information you purchase from choicepoint?
"Give away the stone, let the oceans take and transmutate this cold and faded anchor." - Maynard James Keenan
Actually, you can receive a copy of your profile.
This page on the ChoicePoint web site points to Choicetrust. (Insert joke about the mane choice here)
From the Choicepoint web site:
FACT Act Compliance
The Fair and Accurate Credit Transactions Act (FACT Act) was enacted in 2003 and amends the Fair Credit Reporting Act (FCRA), a federal law that regulates, in part, who is permitted to access your consumer report information and how it can be used. The FACT Act entitles consumers to obtain one free copy of his/her consumer file from certain consumer reporting agencies during each 12-month period.
ChoicePoint has three separate companies that maintain consumer files that are subject to the free disclosure requirement: C.L.U.E. Inc. maintains information on insurance claims histories, ChoicePoint WorkPlace Solutions Inc. maintains employment history information, and Resident Data Inc. maintains tenant history information. Each of these companies designed an easy process for consumers to request their free file disclosure.
Please note that a consumer file does not necessarily exist for you with any one of the three companies. For example, if you have not filed a claim with your auto or home insurance company during the last five years, we will not have a report on you. If you have not applied for employment with a customer that we serve, we likely will not have an employment history report on you. If you have not submitted a residential lease application with a customer that we serve, we will likely not have a tenant history report on you.
To request copies of your claims history report, visit www.ChoiceTrust.com or call 1-866-312-8076.
To request a copy of your employment history report, call 1-866-312-8075.
To request a copy of your tenant history report, call 1-877-448-5732.
If you would prefer to send your request by mail, please send your name and address to the appropriate address below. A report request form will be sent to you to complete and return.
For claims history reports:
ChoicePoint Consumer Disclosure Center
P.O. Box 105295
Atlanta, GA 30348
For employment history reports:
ChoicePoint WorkPlace Solutions Consumer Disclosure Center
P.O. Box 105292
Atlanta, GA 30348
For tenant history reports:
Resident Data Consumer Disclosure Center
P.O. Box 850126
Richardson, TX 75085-0126
"Live Free or Die." Don't like it? Then keep out of the USA
I'm an Oregonian... so you know it takes a lot for me to say anything nice about California but...
I just want to thank California for their identity fraud laws that force businesses to disclose when an unauthorized person has accessed records illegally. If it weren't for that, we probably wouldn't know anything about this.
Maybe this is nitpicking, but could we please go back to saying "citizens" instead of "consumers?" Because consumers take whatever crap you give them. Citizens don't.
when you have to have the court tell a company to admit that it was broken into and the 750+ peoples identitys were stolen because of it. its like a kid on the playground, one kid drop kicks another kid of the monkey bars, and when the teacher saw it and asks him what happens the kid replys " i dunno. he fell"... to quote my favorite itallian mobster, tommy vercetti "dicks, their all dicks!"
Good Karma, Bad Karma, doesnt matter to me... I'm still going to say whats on my mind!
And yes, I live in California and yes I've RTFA, this is just an angry response not a true question.
Choicepoint's stated vision.
"We strive to create a safer and more secure society through the responsible use of information"
I'll buy that for a dollar!
Apparently 110,000 people already did.
Strike 3 I guess for them. They got into a boatload o' trouble in 03' for "acquiring" :) 250M records from various Latin American countries without their knowledge. Never hit the media widespread though.
It's a shame too. It took five of us to develop atxi.com, and they raked in a ton' o' cash from the gvt.
This news won't hurt them all too much.
Gee, aren't corporations are the "free market" so much better and more efficient that the government?!
I guess that is why the personal data from the government databases are getting hacked and stolen, but it never happens to databases controlled by corporations....
eat shiat and bark at the moon
We need to have laws that changed that prevent private companies from collecting data, or requesting data on citizens unless the person concerned permits it. I know the credit scores are important yada, yada, but its our data, and we should own it. Companies that profit from our data should be required to take our permission to collect and distribute it.
Any fellow californians interested in starting a initiative for this? Especially those who know how to go about it- I don't!
Well, there's always the possibility for a class action lawsuit that would really make them feel some pain...
Oh, what's that? Not anymore? I guess everyone in their database is just screwed.
God Bless America!
They were reporting California because they had absolutely no choice in the matter because of legal requirements in California. It's a very good thing for all people who have information at Choicepoint that California has that law. Otherwise I have little doubt any of us would know about it.
I do wonder if it would be beneficial to indentity thieves to expressly avoid stealing information about California residents to limit knowledge of their efforts. If those 100K people weren't notified by Choicepoint, it'd give them a lot more freedom to exploit that pile of information.
This sig has been temporarily disconnected or is no longer in service
I was thinking it would be funny if Choice Point was scammed with one of those 419 emails:
That they're announcing that they're 'only' informing 100,000 other US residents can be explained in any of the following ways:
- The attacks were focused on CA residents, for some reason.
- They have only identified 100,000 people this week, and there's another 3 weeks of work to do.
- They are willfully underreporting the actual numbers and hoping that nobody will do the research to prove them wrong.
- Given that the law doesn't require them to inform everybody who got hit, they're only informing those non CA residents who got hit the worst. 2/3 of the people who would have been informed under CA law will never know...
The most interesting information is between the lines. Learn to read there more often. ("Diplomacy is the art of telling a lion 'Nice kitty kitty' while you search for a big rock. Media relations is doing for a company what a diplomat does for a country.")Sometimes boldness is in fashion. Sometimes only the brave will be bold.
Bush just signed a bill to curb class action lawsuits. link to full story below:
1
http://abcnews.go.com/Politics/wireStory?id=51277
Before condemning all of ChoicePoint look at all of the good things they have done like solving hundreds of rape cases, finding missing children, and doing the DNA tests of thousands of crimes. This incident is the result of one offices mistakes and I don't think it is representative of who they are as a whole. If someone wants information bad enough the'll get it. Look at how many times the CIA's website has been hacked into.
I'm sure of it!!!
First a nuclear power plant is compromised because soe mother F#@Tr was browing the internet. Then Microsoft comes up with things like Windows is more secure than Linux kind of crap, then Microsoft admits that Windows is not secure and that one must not plug PCs to the internet... Now this???
I say that whoever is responsible for this didn't have his/her/their record(s) stolen - just sayin.
I just want to see the hanging. Yes roman style with all the torture. They DO deserve it for being stupid.
Your identity are belong to us... get it?
Have a... well guess now nobody can have a good one now. Burn them!!!
===== "Every head is a different world so don't invade mine you FREAK!" smartSAGA said
Can somebody explain how the F these people get personal info about all these people? Is there a way to know if they have my info?
California, at lesat, has stalking laws that makes it a criminal offense to follow another person around etc. Now we need laws that would make it illegal for companies to stalk, archive, or release personal financial records to third parties. In particular it should be be legal for any person or corporation, such as a bank, that reports financial matters about a person to the IRS to request or store social security numbers. The rest should be subject for severe penalties. I suppose that the companies would then just move off shore, thoug.
We in Southern Califonia were advised that we should watch our credit reports for unusual activity to detect identity theft. That activity might be a request for a credit report from Honest John's Automobile sales in Texas. You can get a free credit report once a year from each credit agency - the rest you pay for. Great.
Nate
Meanwhile, in that Bastion of Truth, Justice and the Liberty, Washington DC, George W. Bush signs The Class Action Fairness Act of 2005
<sarcasm>at least america is safe from gay weddings</sarcasm>
A feeling of having made the same mistake before: Deja Foobar
Does anyone else realize that this is the same company that essentially handed over the 2000 election to George W. Bush? They are the ones who were hired by the florida voting commission to compare the data on federal criminals in the US with those in FL so that the FL federal criminals couldn't vote. Only they botched (on purpose?) it up completely and had a 5% accuracy rate resulting in thousands of voters (mostly black) getting turned away at the polls. Coincidentally (yeah, right) they were awarded a 60 million dollar data sorting job in Iraq once the war started. Funny, if they failed so miserably in FL why would you reward them with a bid in Iraq? This company is a joke.
choicepoint was the latest in a long line of corrupt corporations to be used by America to overthrow a democratically elected leftist government in some other country. But they could not take Chavez down. Viva Chavez!
eat shiat and bark at the moon
is if someone looked up on Choicepoint, say, the CEO and other high-ranking executives and posted all their personal information here.
The karmic justice of these clowns having to spend substantial time and money trying to protect their credit history and whatnot would be priceless.
I'm not advocating that anyone should do this. I just think it would be justice because we're certainly not going to see any otherwise.
Must MILLIONS of US citizens have their personal information warehoused, prostituted, and subject to theft because of the comparatively few that it may have helped? This is one case where I believe the cost FAR outweighs the benefit.
In the law California has been at the forefront for a long time. It used to be New York but now most "unusual" laws come out of Californians. Thank goodness they experiment so the others can adopt.
And by coincidence, I'm contesting a mystery $9.95 charge on my CC I never made this month. The first time I've ever had a bogus charge show up.
Although I can't say the whole ChoicePoint thing is a suprise. After all, the entire purpose of their business is to sell that information. It's not good business to turn away customers, now is it? Oh sure, they probably turn away the most egregious crooks who show up. But their business is to sell your information to whoever want to pay for it.
Seriously, I'd wager 50 bucks that the number is much, much higher than what is being reported. They (and possibly those investigating it) are not reporting the actual numbers since they either A) don't know or B) fear it might cause a panic if it were known. For them to collect 145,000 identities, they weren't bumbling with their methods. They knew exactly how to work the system and probably have a significant chunk of ChoicePoint's records...if not the majority of them.
My fear is that the only way significant change will be made to this "records collection" system is when banks and credit companies cannot sustain their business model due to massive fraud. When your credit card has a 40% interest rate due to them recovering the cost of fraud, then we might see something happen.
I wonder if the others (Equifax, TransUnion, Experian) have ever been compromised? Is it just a matter of time?
How Identity Theft Shield Could Help ChoicePoint Victims and Others Like Them North Bergen, N.J. Feb. 18 -- In the next few days, 145,000 consumers across the United States will be warned, or have been already, that their personal information has been compromised due to a massive theft of information from ChoicePoint, Inc., a leading consumer information collection company. If any of these 145,000 people were customers of Identity Theft Shield - they would be able to access 24-hours-a-day, seven-days-a-week, all the services available to victims. By accessing real-time credit reports, placing consumer notices and/or fraud alerts, and notifying creditors before the situation turns into a full-blown identity theft. The hours, frustration, and money Identity Theft Shield can save are countless. Responding quickly when personal information has been compromised is the best approach to preventing and reducing the damage of identity theft. Identity Theft Shield gives the customer the ability to make one call and receive information about whether an identity theft has occurred due to a security breach, and if there has, have access to a licensed investigator able to help the customer repair the damage. Identity Theft Shield is a subscription service, and our customers must be enrolled prior to an incident in order to receive service. Victims of the ChoicePoint fraud and others like it would have needed to enroll prior to notification of personal information theft in order to be serviced. However, Identity Theft Shield's annual cost is less than a victim would have to pay for two hours' time of most post-incident recovery services. "We are delighted to partner with Pre-Paid Legal Services to offer their clients high-quality, cost-effective access to identity theft related benefits through Kroll's fraud experts," said Troy D. Allen, vice president of Kroll Background America Inc. "Now, through Pre-Paid, middle-income families have yet another valuable product to help achieve greater financial security and piece of mind." About Kroll Kroll Inc. (Nasdaq: KROL), the world's leading independent risk consulting company, provides a broad range of investigative, intelligence, financial, security, and technology services to help clients reduce risks, solve problems and capitalize on opportunities. Headquartered in New York with more than 60 offices on six continents, Kroll has a multidisciplinary corps of more than 2,200 employees and serves a global clientele of law firms, financial institutions, corporations, non-profit institutions, government agencies and individuals. Based in Nashville, Tenn., Kroll's Background Screening Group provides employee and vendor background investigations, substance abuse testing, disability claims integrity programs, and identity theft solutions. For more information, visit www.krollworldwide.com . About Pre-Paid Pre-Paid Legal Services develops and markets legal service plans across North America. The plans provide for legal service benefits, including unlimited attorney consultation, will preparation, traffic violation defense, automobile-related criminal charges defense, letter writing, document preparation and review and a general trial defense benefit. More information can be located at the Company's homepage on the worldwide web at www.prepaidlegal.com . Contact: Dawn or Derrick Carpenter, Ind. IDT/Legal Service Brokers 201-430-3932 dawnanderrick@prepaidlegal.com http://www.whosusingyourname.com
If you ignore the other uses of a tool, does that make the tool less useful, or you less useful?
Businesses and governments across the world over the last 20 years said "oooo we need to modernise and to store everyone's personal details on computer"
Whilst for efficency it is fine, actually in every other respect it was always going to be a bad idea.
Things like this will continue to happen across the world unfortunately on bigger and bigger scales, of that I am convinced.
It's just too easy. It doesn't matter what security you put in place. It doesn't matter what the punishments are.
You can not equate storing millions of personal records accessible in one blob with any notion of security. All it takes is one break in, or one hacker, or one disgruntled employee working from the inside.
And there is no defence, therefore the pwning continues....
Simple Legislation: Each person owns their data and any company that keeps that data is liable for its unauthorized disclosure to third parties for actual damages of x + 2x for punitive damages.
I'd just like to pitch my identity clearinghouse idea again. (Most of this post is copied from my linked post.)
In combination with mandating that companies actually verify the identity of a person before doing sensitive business transactions with them, the government should operate an independent "identity clearinghouse" of sorts. The process would go something like this:
1. Consumer requests (for example) a new line of credit from Bank X. In the process, Consumer provides contact information to Bank X.
2. Bank X contacts Government's Identity Clearinghouse (ICH) with the provided contact information.
3. ICH (a) compares the provided contact information with that in their records, and (b) uses that contact information to contact the consumer and verify that the credit request was valid.
4. ICH informs Bank X of the validity of the credit request.
To fund the system, a small charge would be paid by the consumer, the bank, or both. Other more secure measures (such as personal appearance at a local office) would be involved in changing the information in the clearinghouse. The consumer would then inform their bank(s)/utilities/whatever of their updated mailing information, and the bank would then ask the clearinghouse to verify the correctness of that info.
It's interesting that the main AP story (picked up by the Washington Post, LA Times, and others) label the perpetrators as "hackers" who "penetrated the company's computer network." Nowhere in the original MSNBC article is there mention of the criminals hacking into a system. Rather, that reports indicates that "suspects had posed as a ChoicePoint client to gain access to the firm's rich consumer databases." Changing the story into some malicious hacker who infiltrated their computer seems to take ChoicePoint off the hook (except for thin database security), when they need to be held to task for not properly vetting the companies they contract with and allow access to their data.
C.L.U.E. Inc. maintains information on insurance claims histories
So if I request my insurance claim history am I 'getting a clue'?
And what's that load groaning in the distance?
WTF is choicepoint? Not all of us are Americans. Also, news sites specify what a subject is when it is first mentioned in the report. Like "UN Secretary-General Kofi Annan". Not just Kofi Annan, Kofi or Kofi darling.
Who needs a lawyer? The "House of Rothschild" line is the key to exposing that paranoid rave as another variation on "the Jews control the world with their banks". It's got lots of other details, some of which might even be true. But the most interesting detail would be the citation of where you copied it from. Not as a clue to any conspiracy, but what sources are popular among Jew-hating paranoids these days, looking further than their own voting box and TV set for evidence of the totalitarian conspiracy.
--
make install -not war
These jackasses were in charge of verification at a local retailer, and refused to verify my plastic card that spends from my home-equity line of credit. They wanted me to "register" with them, before the retailer would accept the card.
I told their service, and the retailer to STUFF it, apparently they didn't need my business.
I'm now GLAD I didn't play ball with these jackasses.
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
To me YOU are the person reading it as an anti-jewish diatribe. I read it more as a "Sinister Secret Conspiracy" diatribe. And it was concerned about wealth, and "The House of Rothschild" is (or was) a wealthy group. I'm surprised it didn't include deBeers or the prince of the Netherlands, or the Morgans, but perhaps they were felt to be surpurfluous.
P.S.: Being a conspiracy theory doesn't prove that it's wrong. It's definitely a lot easier to invent them than it is to prove them, but there is considerable evidence that there are a multitude of conspiracies trying to control the world. (To jump from that to "And one of them does!" is almost certainly a jump too far.)
I think we've pushed this "anyone can grow up to be president" thing too far.
Now people will start flaming to parent and it'll get modded down as troll. But they miss one point: not all of us live in USA. We don't *know* how they can "use private, personal data (SSNs?!?!?!) to make a profit". The summary should have told us (or at least hinted) or provided a link to the details. No, the company website doesn't help. Think.
Glad you posted that link. I went to their page and sure enough, they have wrong info on me and my insurance claim history. Calling them up now to correct it. Maybe if enough people swamp them with calls, they won't be so eager to be in business anymore.
Of course: *I* was the person reading it. Totally interconnected conspiracy theories that span history and the globe are Rorschach tests. But I can tell when I don't need to read any more, except to skim for any new tropes. If it had mentioned the "faked Moon landings" early on, I probably wouldn't have even noticed the Rothschild canard.
The real consparicies aren't nearly as convoluted. This one was posted in response to the Enron/California conspiracy, very recent (ongoing, under Schwarzenegger) and very close to home. And not nearly as apocalyptic or all-encompassing. It's probably the kind of self-destructive response our society has to manageable details about immediate threat conspiracies: start hauling in all the grand schemes, which turns off the group to the immediacy of the one under consideration. If we didn't react with such ADD to apparent conspiracies, we'd actually manage to expose and eliminate some, sometimes. Instead, we're cursed with innuendo and fools who prey on our worst weaknesses, a smokescreen for the criminals.
--
make install -not war
I said it monday, but it's worth repeating.
I'm currently looking for an apartment. I took a new job in the South Bay Area, and am relocating.
I'm having a hell of a time finding a place because of bad credit. Nothing has been added to my report in well over a year, and the biggest item was a bullshit lawsuit from the assholes at O1 Communications over an old bill.
I don't have credit cards or car payments because I've been trying to live debt-free. That's now come back around to screw me because I don't have any *positive* credit to balance out the BS.
Perfect rental history: Doesn't matter.
High paying job: Doesn't matter.
Willing to pay 2 x the deposit: Doesn't matter
Lawyer handling credit situation: Doesn't matter.
Bad credit, according to the error-riddled report from Experian: ALL that matters.
It sucks, but what the hell can we do about it? Having bad credit from getting behind on bills when my job was sent to India shouldn't fuck me over for *seven years.* I've written to my congress critters proposing that the rules be changed. If you pay off a bill, it shouldn't sit on the report for 7 years. That's just a ridiculous amount of time.
Ugh. Screw ChoicePoint and Chexsystems, speaking of bastards..
Here, I'll even make it easy for you to Contact your Elected Officials
Whenever the subject of intellectual property comes up, quite a few Slashdotters are quick to point out that copyright violation != "theft," as the rightsholder still has the rights to the work and can try selling a copy to somebody else. I believe the situation is the same here -- if I've been the victim of identity theft, it simply means that somebody else is using my identity, but I haven't lost mine. Yet I haven't yet seen anybody take anybody else to task for using the word "theft" in this context.
I think the difference is that copyright violation is one of those things that falls under situational ethics (ie. it's okay if you think the rightsholder already has enough money, or if you think you probably wouldn't have bought it anyway, or any of a dozen other popular rationalizations). In other words... it's something that many Slashdotters do. But identity theft has no similar justification; it's just plain wrong. No Slashdotter would partake in it, and thus we don't need to collectively point out that it's not "theft" to make ourselves feel better about doing it.
Sitting in my day care, the art is decopainted.
The ChoicePoint security fiasco is part of a larger problem -- the fact that companies dealing in personal data are not providing adequate security and that they are not well regulated. What makes matters worse is that ChoicePoint is increasingly supplying its information to the government, including the FBI and IRS.
. 16.04.html
t al-Person.htm
Back in December 2004, I along with the Electronic Privacy Information Center wrote a letter to the FTC arguing that the FTC should open an investigation of ChoicePoint: http://www.epic.org/privacy/choicepoint/fcraltr12
This letter might be of interest, as it explains the extensiveness of the data companies like ChoicePoint have and how it affects people's lives.
I also argued in my new book, THE DIGITAL PERSON: TECHNOLOGY AND PRIVACY IN THE INFORMATION AGE, that identity theft and other privacy problems are caused not by technology but by irresponsible business practices. Everybody seems to be saying that in today's world of information technology, privacy is dead. The culprit is technology, and since it is foolish to believe that it can be stopped, there's little hope. I argue that this isn't the case. The culprit is government and business practices. There's a "digital person" that is a counterpart to people, not composed of flesh and blood but of bits and bytes of personal information gathered together in databases. The digital person is a representation of ourselves in the world of computers. But this is only part of the story. Increasingly, decisions about us are made by looking to our digital person. What happens to our digital person in the digital world is increasingly having effects in realspace to our real person. It is this problem that I explore, and I argue that the answer is regulating government and businesses - not technology. For those interested in learning more, I encourage you to read the FTC letter as well as my book. Here's the book's website: http://www.law.gwu.edu/facweb/dsolove/Solove-Digi
In your case, this system exists in France. It's called "Banque de France", and it's a clearinghouse for credit info and check account status.
It is not very satisfying. BdF maintains a list of people who are barred to emit checks by their bank because they bounce a check or they exceed their credit limits. Unfortunately, that means that if a bank screws up, or if they just lower your authorized credit line while you're overdrawn, you're going to be barred from writing checks nationwide. Most check-barred people aren't professional fraudsters by any measure, they are just unlucky or impoverished consumers. Most of them don't have credit cards. Thanks to BdF, they are quickly deprived of their checkbook too. Bloody poors, server them well, right?
Also, BdF is known in France for screwing up badly at times, and also to be regularly on strike (BdF employees were all, until recently, civil servants who couldn't be fired). It means that you can remain for years on the black list, and good luck to sort things out!
Finally, data protection laws are very strict in most of Europe ... But there are countries where they aren't. So companies from strict-privacy countries outsource their data mining to low-privacy countries. Surprise, surprise: you cannot break down your national borders and enforce your privacy laws, shock, horror! :-)
So in this instance, entrusting the Government to Do The Right Thing did not work. Lack of accountability, as usual with state-run operations.
And you want the same system? I really don't recommand it.
--
Mad science! Robots! Underwear! Cute girls! Full comic online! http://www.girlgeniusonline.com/
What more can we expect from such a switcher - they turned to the dark side between 2000 and 2002 by the looks of it.
Place a fraud alert and get a free credit report from all three credit bureaus... hmm.. sounds like a pretty good deal.. are there any drawbacks??
:) I wonder if you can do that an unlimited number of times. If not, then maybe the links I've pasted below will work for now. If you didn't know already, you are entitled to a free credit report annualy. See the government link, and the actual free credit report link below.
http://www.ftc.gov/bcp/conline/pubs/credit/freerep orts.htm
Lol, you read my mind.
https://www.annualcreditreport.com/cra/index.jsp
-- Josh
Dangit. Where are my mod points when I actually NEED the? The parent post needs to be visible to all...not buried by a 0 score!
Rather than try to try to get de-listed from these info brokers or restrict what they can do (because they will always find a way around it), why not obscure your identity and information about yourself by finding ways to add information about yourself which are wrong. The reason that these companies are able to commoditize our information is because buyers think the information is somehow valid. If confidence in the validity of their information could be destroyed, they would no longer have a product to sell. The tricky part would be understanding how they collect and verify data and then figuring out a way to insert bogus information without actually harming real people in the process. There must be a way to do it, and then expose it so that all confidence is lost in the information being sold. Certanly the collective brain-wattage of /. must be able to figure out how to do something like this.
Let's all sue them.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
According to this AP article, the total number of people affected may reach 500,000. Politicians are jumping on the bandwagon. It looks like this is turning into a major scandal
Some article excerpts:
"attorneys general from 38 states demanded that ChoicePoint warn any victims in their states as well, "
"The volume of data compromised was so huge that deputies are almost certain that a 41-year-old Nigerian man sentenced Thursday to 16 months in jail in the scam did not act alone."
"ChoicePoint had required the con artists to fax copies of business licenses, and verified through a background check that licenses were valid for nonbank financial institutions. But they didn't perform physical checks or visit the addresses, as they sometimes do, to make sure they were legitimate."
I think this last quote is the most important.
This scam was conducted without any face-to-face contact. The criminals used Kinkos to fax in applications, and outfits like Mail-Boxes-Etc to act as professional addresses. They redirected mail from stolen identities to these PO boxes.
Our disconnected world where there is no face-to-face contact and where nobody pounds the pavement to check on reality makes scams like this too easy.
Attention all K-Mart Shoppers... that Bar-B-Q you are smelling is your collective butts in the fire.
After undermining all sane separations between state, religion, and commerce, we find ourselve in what can only be described as a Nation of the Corporation, By the Corporation, and For the Corporation. You may now bow to your corporate masters.
Our founding fathers saw government as a detestable necessity, so they wisely hamstrung it seven ways come Sunday, to keep it at bay. By giving corporations the same rights as "REAL FLESH AND BLOOD PEOPLE", without the same accontabilitiies or limitations, we created a monster. That monster was further allowed free access to influence and ultimately control our government. That brings us where we are today.
A nation where your privacy is a farce, virtually nonexistent, while government and corporations alike enjoy almost complete opacity.
Just last week a Federal Judge ruled in favor of the Governor of Maryland, in a suit involving reporters from the Sun Times being frozen out of press meetings. The Judge ruled that "the paper wrongly asserted a greater right to access to government officials than private citizens have. The right to publish news is expansive. However, the right does not carry with it the unrestrained right to gather information,"
In short, A political leader, your elected representative, has the right to inform only those he likes or feels fit to inform. That and your primary organ of political enlightenment, the press, has no special right to garner information on your behalf. Add to that the recent $400,000 charge for FIA documents against the justice department, and the Gannon/Guckert debacle at the White House this week, and it's clear... the Government is hell bent on having it's citizens standing naked in the streets, stripped of every right to privacy and personal dignity, while they plot and practice "God only knows what" with complete impunity.
The information disaster at ChoicePoint underlines the complete disregard that business and the Government have for the needs and the rights of every day citizens. Recent leaks suggest the final number of people exposed may exceed 400,000. If the government were working on your behalf, you would certainly see heads rolling immediately. However, I suspect you'll see none of that. The government is using these very companies to perform an endrun around the constitution, filling up government dosiers with information collected by these very companies, at the same time lucrative government contracts and multimillion dollar campaign funds are trading hands.
We're at a critical time in history. Benito Mussolini defined fascism as "The Corporate State". Looking at the historical analysis of the last century, there's good reason why conservative and liberal law makers, educators in law and political science, and men of conscience around the world are calling the United States a fascist state. One of the certain casualties in such a government, are the rights and freedom of the individual. We still have a tremendous amount of infrastructure that protects us, and as bad as things are, no single person has yet amassed so much power that our government can be easily toppled. We're however in extreme danger. It'll take all our commitment, and every kind of contribution we as citizens can make, to bring our government back into it's proper place as an engine designed to promote the advancement of freedom, and justice. The alternative is too grim for words.
Genda
Please!
Er, evermind. I just misread that as "irresponsible" - and we know that's not right, don't we?
I'll have to check out your book some day...
People say I'm crazy, I got diamonds on the soles of my shoes...
Two Words. Identity Theft.
In the US, the Social Security Number (SSN) is your "primary key". It's how everyone, the government, banks, employers, credit bureaus, etc keep track of you and your information.
From a statistical point of view, it's who you are.
Given a SSN, the name to which it belongs, and the most recently known address, anyone can now pretend to be you. Billy Bad Guy can now get a loan in your name. Billy can purchase a car. You are the one that is billed, not Billy.
With 145k identities (yeah.... right... only 145k out of 220 million) Billy is an instant Billionaire. All he has do to is get to a country with no extradition to the US, and begin living the life of luxury on your (or the Banks) dime.
The laws are getting better about protecting individuals once they have proven they are a victim. The trick is proving it wasn't you that bought that Lear jet on a janitors salary.
Want a link to the details? Here ya go:
What Are Identity Theft And Identity Fraud?
Whaddya mean your question was rhetorical?
--
<Insert Funny Sig Here>
mm
We had a small business that we were in the process of shutting down, but still had an account with $100 or so, to finish off taxes and stuff.
... but I wonder if it could have happened through Choicepoint.
We just got hit with someone making $25, $50, and then $500 purchases off the check card. So now we're going through ID fraud procedures on it...
Note to self: this is a page I want to bookmark for later reference.
Correct Horse Battery Staple: 72 bits of entropy. Enter "Correct H" into google. When it generates the phrase, that's
Well, now that we've "gotten over" the loss of privacy, perhaps the next thing the McNeely's of the world will tell us is that we should get used this kind of identity theft lottery too.
Wansu, th' chinese sailor
I am the lead software arc for a competitor of Choicepoint's and, although I do feel this situation is extremely serious and understand why people are pissed off, find it odd anyone would demand that Choicepoint be closed, CEO jailed, etc...
.. but wait, can't the organizations verify information themselves going through county and state govt records? The answer, even if you throw away the cost, time and materials and added personnel, is no, not completely. Here's why. When people apply for a job, volunteer or anything else that requires their past be investigated, there is always a spot for your current address and sometimes a spot for your previous addresses. It used to be that the company you are applying with took your word that you lived where you said you lived and they only investigated those counties, states, etc... If you committed a crime in a county you didn't want revealed, you simply didn't fill it out. Nowadays, regardless of what you put on the application, all of your previous addresses will be discovered and searched (depending how many back the searching company is willing to pay for -- usually 3 to 5). This is a very valuable service and out of reach for companies and organizations that don't specialize in this type of research. Speaking as a father and not a background researcher, I'm glad that the Girl Scouts (using Choicepoint) screen every volunteer in this fashion . I'd think you all would be too.
Regardless of the privacy issues, someone is going to store, manage and sell your information because it fills a valuable need in a whole host of circumstances. It is vitally important to verify someone's background prior to oferring a job or accepting volunteers. This isn't just job justification here. It goes without saying that you cannot allow convicted thieves to work a cash register job or child molesters to volunteer for the Cub Scouts (two things that are surprisingly common). Ah
Now bear in mind that I'm not defending Choicepoint. Hell, it would benefit me greatly if they were closed down. I do find their account setup procedures to be unbelievably remiss. We require DUNS number, plus corp bank account/history/references and articles of incorp (if applicable) and will not establish an account without them (even then account is ran in audit state for two months to ensure compliance). Keep in mind that if your organization wants run credit reports or motor vehicle searches, then there is an entire mountain of paperwork that must be completed, filed and approved by state DOT and the three credit companies. We also require client certs from integration clients and store no info in our db that isn't encrypted. I believe Choicepoint does the same. The way I understand that the info was compromised was that fake accounts were set up, a list of names was purchased from somewhere, and those names were then searched (either credit report or skip trace or some other identifying report) to obtain the information. Choicepoint's failure lay in social engineering and poor account verification practices.
What it comes down to is, someone is going to keep and store your information. Would you rather it was the govt with its track record of managing security and accuracy or private industry? Me, I'll take private industry.
Alex
I authored the article "Identity Theft Is No Laughing Matter: Who's Using Your Name?"
http://kb.mlm.com/article.asp?article=5115&p=5/
The most important FACT to understand is that you cannot PREVENT Identity Theft. What we can do is take the necessary steps stated to PROTECT ourselves. None is more important than monitoring our credit report. There are a number of products on the market that do just that, including, some homeowners insurance coverage, that you can add for $15 to $20 per month.
All I'm saying is...This crime REQUIRES you to be PROACTIVE not reactive. You can't wait for the next month's bank or brokerage statements or for your yearly Credit Report, free or not. In fact Barry Elliott, Detective Staff Sergeant with the Ontario Provincial Police and founder of PhoneBusters, says, "There is a misconception among consumers that they can prevent identity theft altogether, consumers cannot prevent identity theft. They can only prevent criminals from using their personal information for financial gain by rendering the information useless to fraudsters. The best way to do that is to monitor their credit 24-7."
We Appreciate You,
Dawn & Derrick
Our business in life is not to get ahead of others, but to get ahead of ourselves -- to break our own records, to outstrip our yesterday by our today.~Stewart B. Johnson
The Problem: The Federal Trade Commission reports American spent close to 300 million hours repairing the damage ID theft causes.
The Solution: IDT Shield gets your valuable time back http://www.leaderswanted.biz/
http://www.mlm.com/mlm/user/index
Search: Articles: By number: 5115
"Identity Theft Is No Laughing Matter: Who's Using Your Name?"
I totally agree, businesses do ask for more information than necessary, and they have for quite a long period of time. Identity Theft has reached epidemic proportions since the 90's, but this is a crime that has always been with us. In fact the branches of the government couldn't routinely function without hijacking IDs. They call it the "witness protection program." That's one of the reasons this crime was basically a slap to the wrist type of punishment, because most people using another person's information (whether living or dead) did so in order to hide-out and wouldn't DREAM of committing a crime or doing anything else to draw attention to themselves.
They used to publish books on how to vanish without a trace. Think of all the abused women who would flee in the middle of the night with nothing but the clothes on their backs - We have countless people living under assumed Identities for their own safety, but as with all things the information got to the wrong people & it spread like a virus.
I personally think the spread of IDT became more prevasive with better graphics programs, scanners, and printers - because now you could reproduce flawless documents without the risk of exposure.
There is no question that private businesses can manage the database - afterall - it's private businesses that are their largest customers!
.... Does anyone else notice that the ChoicePoint officers and directors look eeirly like the Equifax officers and directors?
The problem is WHO is managing the database
And WHY would a company like Equifax (that IS subject to close scrutiny and forced to comply with provisions of the Fair Credit Reporting Act)spin off a subsidiary like ChoicePoint (that WAS NOT under close scrutiny or forced to comply with provisions of the Fair Credit Reporting Act) if it were not in the name of avoiding government oversight?
The past is a GREAT predictor of the future, or so the Equifax/ChoicePoint big shots would say, and sure enough, Choicepoint has quietly gone about the business of buying out all of their competitors (flashbacks of Equifax buying out all of their credit bureau competitors until the Federal Trade Commission decided to read the Sherman Anti-Trust Act and enforce it) until now there are only two substantial national providers of an admittedly vital service.
Now the crowd will cry for ChoicePoint to be shut down. Where in the heck were you five years ago when we had a chance of giving them some competition and forcing them to do anything? Lexis-Nexis will be the only provider left if ChoicePoint is shut down and don't think that ChoicePoint won't use that to their defense!
Give the industry a close review, insist on competition in the marketplace which will breed reliable, secure, ethically responsible services. Force Equifax to divest in ChoicePoint and enforce the provisions of the GLB Act and Drivers Privacy Protection Act. Expand the Fair Credit Reporting Act to include personally identifiable information from all sources (public or private) that are compiled and indexed for commercial sale.
Oh, and let's not forget all the lawyers!
CHECK UP ON CHOICEPOINT Recent revelations that data merchant ChoicePoint gave crooks credit data about hundreds of thousands of Americans highlights the importance of a new federal law giving consumers free access to their credit reports, including ChoicePoint reports. Residents of Western States have had the right since December 1, 2004 and residents of Midwestern States gain the right on March 1, 2005. Reviewing credit reports is also important because a recent US PIRG study found 79% of credit reports had errors and 25% had errors serious enough to result in the denial of credit. Lenders are not the only ones who consult credit reports. Credit reports are used by insurers to set rates, landlords to make leasing decisions and by the US Government for security clearances and to locate criminals and terrorists. Free copies of ChoicePoint reports are a little hard to find. ChoicePoint does not participate in the single point of entry for free credit reports maintained by the three largest credit bureaus. For ChoicePoint reports, consumers can go online to www.choicetrust.com. Consumers can also request a report, or a mail-in form, by calling three separate numbers. The first is for insurance reports, 866-312-8076. The second is for employment history reports, 866-312-8075. The third is for tenant history reports, 877-448-5732. The single point of entry for free credit reports from the three largest credit bureaus is www.annualcreditreport.com. Consumers can also order the reports by calling 877-322-8228 or by mailing in a form found on the web site or on the back of a brochure available from the federal trade commission (www.ftc.gov or 877-382-4357 and navigate the menu until you can request the brochure from a real person). The safest mode for ordering credit reports is by mail. Consumers should also ask the credit bureau to truncate the numbers on the printed report so it is not as damaging if it falls into the wrong hands. Federal law gives consumers a useful tool to protect their interests. Most consumers are not yet accustomed to reviewing their credit reports annually. But a changed world where crooks buy private credit data directly from the credit bureau calls for new strategies. More information and links to the sites in this letter is available on line at CHECK UP ON CHOICEPOINT Recent revelations that data merchant ChoicePoint gave crooks credit data about hundreds of thousands of Americans highlights the importance of a new federal law giving consumers free access to their credit reports, including ChoicePoint reports. Residents of Western States have had the right since December 1, 2004 and residents of Midwestern States gain the right on March 1, 2005. Reviewing credit reports is also important because a recent US PIRG study found 79% of credit reports had errors and 25% had errors serious enough to result in the denial of credit. Lenders are not the only ones who consult credit reports. Credit reports are used by insurers to set rates, landlords to make leasing decisions and by the US Government for security clearances and to locate criminals and terrorists. Free copies of ChoicePoint reports are a little hard to find. ChoicePoint does not participate in the single point of entry for free credit reports maintained by the three largest credit bureaus. For ChoicePoint reports, consumers can go online to www.choicetrust.com. Consumers can also request a report, or a mail-in form, by calling three separate numbers. The first is for insurance reports, 866-312-8076. The second is for employment history reports, 866-312-8075. The third is for tenant history reports, 877-448-5732. The single point of entry for free credit reports from the three largest credit bureaus is www.annualcreditreport.com. Consumers can also order the reports by calling 877-322-8228 or by mailing in a form found on the web site or on the back of a brochure available from the federal trade commission (www.ftc.gov or 877-382-4357 and navigate the menu until you can request the brochure from a rea
When is garbage day? It would sure be funny if it turned out that these guys weren't shredding their garbage.
Just looking up a name in Google does NOT give the correct information! The David W. Davis you posted as VP of Choicepoint does NOT work for Choicepoint. There are two David W. Davis's in Alpharetta as I am the other one! The others listed may or may not be correct. By posting incorrect info in this thread you are providing similar mis-information for which Choicepoint is being flamed! Check it out before causing grief for others.