Posted on 02/19/2005 10:05:52 AM PST by ex-Texan
At Least 700 Have Identities Stolen
SAN FRANCISCO - At least 700 people had their identities stolen during a yearlong scam by con artists who had signed up as clients of data-broker ChoicePoint Inc., the Los Angeles task force in charge of the criminal investigation confirmed on Friday
When word first emerged this week that still unknown scammers had illegally obtained detailed dossiers on 35,000 people by posing as legitimate customers of ChoicePoint, the company portrayed it as a relatively minor criminal case, limited to California.
But by week's end, it was shaping up to be a full-blown scandal with as many as a half million people nationwide potentially vulnerable to identity theft.
Outraged, attorneys general from 38 states demanded that ChoicePoint warn any victims in their states as well, and politicians, consumer advocates and security experts called for more federal oversight of a lightly regulated industry that gathers and sells personal data about nearly every adult American.
The task force leader, sheriff's lieutenant Robert Costa, said the number of people vulnerable to identity theft in the case could reach 500,000.
That's a much higher number than the latest estimate acknowledged by ChoicePoint, which belatedly sent warning letters to a total of 145,000 people in various states after a chorus of complaints.
The volume of data compromised was so huge that deputies are almost certain that a 41-year-old Nigerian man sentenced Thursday to 16 months in jail in the scam did not act alone.
The man, Olatunji Oluwatosin, was arrested on Oct. 27 when ChoicePoint faxed him some paperwork at a Kinko's store in a sting operation. He pleaded no contest and did not agree to help authorities in the probe.
"We were victimized by some extremely well organized criminals," ChoicePoint spokesman Chuck Jones said.
An Alpharetta, Ga.-based spinoff from the credit-reporting giant Equifax, ChoicePoint maintains databases that hold 19 billion Social Security (news - web sites) numbers, credit and medical histories, motor vehicle registrations, job applications, lawsuits, criminal files, professional licenses and other pieces of sensitive information. ChoicePoint also owns a DNA analysis lab and facilitates drug testing for employers.
But ChoicePoint and other privately owned aggregators of personal information operate with virtually no federal oversight, and critics say the companies haven't done enough to safeguard their information-rich databases.
"There's a serious problem that we as a nation don't seem to grasp — that the public is at risk whenever organizations collect massive amounts of information about us and they don't take extraordinary precautions to ensure that that information is protected," said Dr. Larry Ponemon, who runs a research firm in Tucson, Ariz., dedicated to privacy management in business and government. "People ought to be standing in lines protesting this."
Word of the identity theft case got out after ChoicePoint sent warning letters last week to people in California — the only state with a law requiring disclosure of such security breaches to people whose identities are threatened. But ChoicePoint said it discovered the breach in October, when the Los Angeles County Sheriff's Department began investigating one case of identity theft.
Jones initially told The Associated Press on Tuesday that ChoicePoint had not alerted the FBI (news - web sites) or other federal law enforcement agencies, and that "we don't have any evidence to indicate at this point that the situation has spread beyond California."
But security experts scoffed at that idea, and other states' politicians quickly demanded the same consideration for their residents that Californians were getting.
On Wednesday, Sen. Dianne Feinstein (news, bio, voting record), D-Calif., called for hearings on her proposed national version of the California law, while Sen. Bill Nelson (news, bio, voting record), D-Fla., asked federal regulators Friday to oversee data-brokering companies the same way they do other companies that handle financial and medical records.
New York state legislator James Brennan asked his state to suspend an $800,000 ChoicePoint contract until the company agreed to warn any New York residents whose data might have been exposed.
ChoicePoint eventually decided to send letters to 110,000 more people around the country — an unprecedented move for the company, but "the right thing to do" in this case, Jones said.
Victims should receive letters within a few weeks, Jones said, and immediately check credit histories for suspicious activity. The company also plans to release a list of states affected in the next several days.
Costa, who runs Southern California's High Tech Task Force Identity Theft Detail, said the estimate that as many as 500,000 people may be threatened is based on records his department subpoenaed from ChoicePoint.
Costa also said that the FBI, the Secret Service and U.S. Immigration and Customs Enforcement — the largest investigative arm of the Department of Homeland Security — have now contacted his department to join the probe.
Citing the ongoing investigation, ChoicePoint won't speak publicly about details about the scam or discuss any security measures added since the breach.
Costa says he can't reveal many details either. But some details have been released.
Using stolen identities and faxing applications to ChoicePoint from Kinko's stores, the thieves opened up 50 accounts and for months received volumes of data on consumers, including names, addresses, credit reports and Social Security numbers — all the data needed to get credit in someone else's name.
The ring also set up commercial mail-receiving locations in places such as Mail Boxes Etc., where deputies found redirected mail for more than 700 people — everything from personal letters to junk mail to the credit card applications that are like gold for con artists, Costa said.
ChoicePoint had required the con artists to fax copies of business licenses, and verified through a background check that licenses were valid for nonbank financial institutions. But they didn't perform physical checks or visit the addresses, as they sometimes do, to make sure they were legitimate.
Computer experts worry that ChoicePoint and other companies that specialize in gathering and selling private information still aren't sufficiently protecting it from unauthorized uses.
"Most financial organizations have very sophisticated fraud detection algorithms to minimize the impact to the end user — why couldn't this company have the same type of controls?" asked Joseph Ansanelli, a member of the Financial Services Information Security Analysis Center who has testified before Congress on identity theft and consumer data privacy. "Even if the criminals misrepresented themselves to do fraud, there are fraud detection programs that could kick in at that point."
Quick links to look for news reports:
Link to Major U.S. News Sources:
Link to Major International News Sources
Nigerians again???
10 months ago I was getting an insurance license with another insurance company and they used Choicepoint which came back witha criminal background on me. (burgalries in texas) Since I had never been arressted NOR been to Texas I was pretty upset.
It took 6 months of constant letter writing and a finally a lawyer to get choicepoint to correct this. They were totally worthless.
Yeah, well, organized crime has many faces. The Mob has its tentacles in many states. The Russkie mob (former KGB experts in forgery) is getting more sophisticated every day. But the Russkies have allies from many former Eastern Block and African countries. Mostly they leave drug dealing to the Mafia and concentrate on going for major identity theft scams like second mortgage fraud. There are rumors in the mortgage industry of the mob taking over savings banks for the purpose of money laundering and/ or fraudulent foreclosure practices.
I wish you could sue their as*@! to get compensation for all that time and money! The whole credit reporting scene is horrible with no monitoring. Did you know that anyone can file a bad credit report on you WITH NO PROOF OF ANYTHING and then YOU have to get THEM to remove it and if they won't, oh well.
I have been told by accountants that our electronically processed taxes are done in India. I can't think of any papers that have more personal data on them than our tax forms.
If this isn't the world best opportunity for theft identification I don't know what would be. Maybe since this is permitted by the goons in Washington it is okay. Still, it's our money and our ID's that are up for grabs by foreigners though.
Who is going to get India to send an ID thief over here to get eaten by our court system? Not you and not me.
I think it's just a matter of time until most of us go through the pains of ID theft.
Grab your ankles and make sure the Vaseline is handy.
I'm from Cleveland. The mob in Cleveland/Akron used to set up money laundering outfits there. One of them became "Household Finance", a legitimate loan company all started with mob money.
I heard about IRS paperwork being sent over there but still not sure of it is true or not.
I do know for a fact us companies that do medical transciptioning have sent work to India because my cousins wife who did MT was laid off and her job was outsourced to India.
We are all going to pay for this one day.
The fundamental problem is that our system of verifying identity for the purpose of granting credit is based on the ability to provide personal information that only the person himself should know. However, the idea that only Person X should know certain personal infomration about Person X is a deeply flawed assumption. As far as I'm concerned, a Federal law should be passed that emphatically places all responsibility (including court costs and legal fees,) and the burden of proof, entirely on the backs of those who grant credit based on this flawed assumption.
Add into the mix Russkie Mayfia and a core lending institutions in the fraudulent foreclosure business. Use your imagination wildly. Getting the full picture yet? The fibbies will not even investigate complaints about fraud in the foreclosure game. 'Nuff said.
Soon coming a your city . . .
>>We are all going to pay for this one day.<<
We are paying for it now.
Has Rice put a new UN flag beside her desk yet?
It is true about IRS income tax returns going to India for processing but the IRS is not sending then there. The people and companies that are sending them there are independent accountants, tax companies and tax preparers that have a lot of clients who they then sub-contract the tax work out to India.
Not that the article below has anything to do with this, but I wonder what it is about, perhaps identity fraud, perhaps fraud within SSA from the Sept. GAO report that a billion dollars a year was being paid out in disability claims that were not eligible.
http://www.baltimoresun.com/news/yahoo/bal-md.social19feb19,0,1334886.story?coll=bal-newsaol-headlin
By Anica Butler
Sun Staff
Originally published February 19, 2005
Federal agents seized items from Social Security Administration headquarters in Woodlawn yesterday, apparently as part of an investigation of alleged fraud.
About noon yesterday, about a half-dozen people - some of them with lettering on their clothing identifying them as federal agents - were seen taking what appeared to be numerous boxes from the lower east building at the Social Security Administration offices and loading them into an unmarked blue van.
An agent at the scene would not comment.
Barry Maddox, a spokesman for the FBI's Baltimore office, confirmed that the FBI had been at the Social Security complex.
He said he would not disclose any details, saying that the matter is an "ongoing investigation."
Maddox referred questions to Marcia Murphy, a spokeswoman at the U.S. attorney's office. Murphy said she could not comment.
Mark Hinkle, a spokesman at the Social Security Administration, also referred reporters to the U.S. attorney's office.
A source familiar with the investigation said the FBI was brought in by the Social Security Administration's Office of the Inspector General. The source said investigators are looking into allegations of "fraud against the government" but would not provide further details.
Sun staff writers Greg Garland and Lisa Goldberg contributed to this article.
Nigerian Bump.
is it true that these new National ID's or N Drivers License's data base comes from these private companies? that they sell the info to the Feds.. and that data will be there in the data base.... ?
that is what i have heard. i have also heard it is nearly impossible to undo false info on yourself..
i;m so glad i have never owned or used a credit card.. although i doubt that totally saves me from this mess..
How do they count those "pieces?" The US has about 300 million people. If ChoicePoint had on average 60 pieces of information about every person in the US, then perhaps they could have 19 billion pieces, but that sounds unlikely.
Thanks! I didn't think of it that way (each individual credit entry being one "piece"), so it makes more sense now.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.