Data warehouser ChoicePoint's stock fell more than 9 percent yesterday after a breach of company records that could affect more than 140,000...

Share story

ATLANTA — Data warehouser ChoicePoint’s stock fell more than 9 percent yesterday after a breach of company records that could affect more than 140,000 Americans sparked predictions of tougher regulation ahead for the data-brokering industry.

“This means they’re going to be subject to scrutiny,” said Daniel Solove, an associate law professor at George Washington University and author of “The Digital Person,” a book about data aggregators such as ChoicePoint.

“The days of these companies living in a hidden underworld of information mining, information use and information trafficking will end,” he said. “There will be more regulation and more rights for individuals.”

Most Read Stories

Unlimited Digital Access. $1 for 4 weeks

ChoicePoint’s shares tumbled $4.20, or 9.7 percent, yesterday and closed at $39.30. They lost an additional 24 cents in extended trading. The stock had traded at a 52-week high of $47.95 earlier in the month.

The company acknowledged on Feb. 15 that thieves apparently used previously stolen identities to create what appeared to be legitimate businesses seeking ChoicePoint accounts. They then opened up 50 accounts and received volumes of data on consumers, including names, addresses, Social Security numbers and credit reports.

The ring, which operated for more than a year, used the information to defraud at least 700 people, according to California investigators.

ChoicePoint learned of the problem in October but did not begin notifying until this month the 144,778 people across the nation that it said were possibly affected by the scam. Initially, it only notified 34,114 Californians it said were vulnerable.

On Monday, ChoicePoint released a state-by-state breakdown of people who may have been affected. The list also included people in the District of Columbia and three U.S. territories.

The company announced plans to rescreen its 17,000 business customers to make sure each one is legitimate, and said it has hired a retired Secret Service agent to help revamp its verification process, including seeking more information from customers that can be used to validate their business status.

Formed in 1997 as a spinoff of credit-reporting agency Equifax, ChoicePoint has 19 billion public records in its database at its suburban Atlanta headquarters, including motor-vehicle registrations, license and deed transfers, military records, names, addresses and Social Security numbers. The sheer size of its database makes it an industry leader in the data-collection business.

“I hope that what consumers will do is begin to revolt,” said Barry Steinhardt, director of the technology and liberty project at the American Civil Liberties Union. “We need to have much tougher privacy laws in this country.”

Leaders in Georgia announced plans yesterday to require companies to notify the state’s residents when their personal information may have been stolen.

Only California now has a law requiring such notification. New Hampshire, New York and Texas are considering similar bills, and U.S. Sen. Dianne Feinstein, D-Calif., reintroduced legislation last month for a national version of the California law.