Database giant ChoicePoint said late Wednesday that 145,000 consumers nationwide were placed at risk by a recent data theft at the company. Previously, the company had suggested the theft only affected California residents.
ChoicePoint pledged to notify all of the potential victims. Spokesman James Lee said the company was informing consumers as a precaution, suggesting they keep an eye out for signs of identity theft.
Meanwhile, law enforcement officials in Los Angeles announced Thursday that a suspect has agreed to a plea deal in connection with the incident.
Atlanta-based ChoicePoint maintains and sells background files on virtually every adult American, culled from millions of public and private records. Last week, the firm sent some 35,000 letters to California residents telling them their personal data may have been stolen by criminals who set up fake companies and downloaded information from ChoicePoint.
California is the only state that by law requires disclosure of such data leaks, and ChoicePoint initially suggested the theft of information might be limited to that state.
Lee said ChoicePoint decided to widen the notification after meeting with law enforcement officials on Wednesday. An additional 110,000 letters will be mailed in the coming days, he said.
Criminals tricked the company by posing as legitimate businesses to gain access to the various ChoicePoint databases, which contain a treasure trove of consumer data, including names, addresses, Social Security numbers, credit reports and other information. At least 50 suspicious accounts had been opened in the name of nonexistent debt collectors, insurance agencies and other companies, according to the company.
The incident was first revealed by MSNBC.com on Monday.
ChoicePoint pledged late Wednesday to notify all the consumers affected by the theft. Earlier in the day, New York state legislator James Brennan had urged the state to suspend existing contracts with the database giant -- including an $800,000 deal with the state's Office for General Services -- until the firm agreed to notify New York residents.
New York is one of several states considering passing disclosure laws similar to California's.
On Thursday, 19 state attorneys general sent a letter to ChoicePoint urging the firm to provide more details about the crime.
"ChoicePoint Inc. should immediately inform all persons whose personal information is known to have been compromised, providing them with as much detailed information as possible about the breach and when it occurred, and urging them to check their credit reports for new accounts or suspicious activity," the letter said. "We would like to meet with you to discuss the specifics concerning how this compromise of information occurred, and how the citizens of our states have been affected. "
California consumers who have already received the letter from ChoicePoint expressed frustration; many had never heard of the firm before receiving the alarming letter.
"How dare they even try to make money using my Social Security Number in the first place," wrote one in an e-mail to MSNBC.com. He requested anonymity. "Where did they get it from? I certainly didn't give it to them; I never heard of them before receiving the letter. In fact, I almost threw it out unopened, because I thought it was going to be a credit card solicitation or a reduced rate mortgage scam."
750 victims surface; suspect pleads guilty
Already, a number of data-leak victims have discovered they have been hit by identity theft. A report Wednesday in the Los Angeles Times said authorities have identified 750 people whose personal information was stolen and used to buy jewelry, consumer electronics and computers.
On Thursday, the only suspect so far connected to the case, Olatunji Oluwatosin, 41, pled “no contest" to a single count of ID theft, according to Jane Robinson, a spokeswoman for the Los Angeles County District Attorney's office. Oluwatosin was sentenced to 16 months in state prison and ordered to pay a small fine. Other charges against him were dropped.
When ChoicePoint discovered in October that unidentified persons had created sham companies to access its databases, sheriff’s investigators set up a sting operation that resulted in the Oluwatosin's arrest.
After ChoicePoint received a suspicious application for an account faxed from a Kinko’s in Southern California, the company sent a responding fax requesting a new signature. Deputies who had staked out the store arrested Oluwatosin when he arrived to pick up the fax.
Oluwatosin, who is originally from Nigeria but had been living in North Hollywood, according to the Times, had been charged with six felony identity theft counts.
He told investigators at the time he was not involved in any identity theft scam and was only picking up the fax for someone else.
Bob Sullivan is the author of