ChoicePoint pays $275,000 fine for data breach

ChoicePoint Inc. agreed to pay $275,000 to federal regulators as a result of a data breach last year that exposed the Social Security numbers and other personal information of 13,750 people.

The agreement settles a case by the Federal Trade Commission that charged the company with violating terms of a settlement following a databreach in 2005 that led to hundreds of cases of identity theft.

It's the latest charge against the consumer data broker. In 2006, the company--now a subsidiary of Reed Elsevier Inc.--paid $15 million to settle charges that it let criminals purchase sensitive financial and personal data on at least 163,000 people.

At the time, ChoicePoint was supposed to take positive steps to protect consumer data, but the FTC alleged that in April 2008 the company switched off an internal electronic monitoring system designed to watch customer accounts for signs of unauthorized or suspicious activity.

ChoicePoint blamed the incident on a government customer that failed to properly safeguard one of its user IDs needed to access ChoicePoint's AutoTrack XP Product.

Like many breaches these days, it's often a combination of a failure to follow protocol or keep an eye on the ball in safeguarding data that causes the problem. And it is essential that companies tighten their procedures and systems to prevent any data breaches.

For more on ChoicePoint:
- see this Washington Post article

Related Articles:
Holiday cyberattacks hit U.S. government sites
FTC issues personal health record security rule
FTC: ID theft surges in '08