Last month Atlanta-based Choicepoint admitted that criminals had been able to gain access to its consumer database, potentially viewing some 145,000 records.
"These changes are a direct result of the recent fraud activity, our review over the past few weeks of our experience and products, and the response of consumers who have made it clear to us that they do not approve of sensitive personal data being used without a direct benefit to them," said Derek Smith Chairman and CEO of Choicepoint. "We apologize again to those consumers who may be affected by the fraudulent activity."
The criminals set up dozens of fake accounts, by posing as potential customers running background checks on individuals.
Choicepoint suffered a public backlash as a result of the misadventure after Californian Senate Bill 1386 ensured Choicepoint had to disclose the exact details of the mishap to 35,000 Californians.
Further pressure forced the company to notify the other 110,000. Illinois Attorney General Lisa Madigan said in a letter to the company. "We insist that Choicepoint take immediate corrective action to notify all residents of our state who have or may have been affected by this breach."
And now the data broker has scaled back its business."Choicepoint will continue to serve most of its core markets and customers, but these actions will have an impact on the scope of products offered to some customers and the availability of information products in certain market segments, particularly small businesses. The transition will begin immediately and is expected to be substantially completed within 90 days," said the company in a statement.
But the fallout from the crime has gone further than merely Choicepoint's redressing of its business. Legislative responses include a rash of federal bills put forward to echo California. Senator Bill Nelson, D-FL, introduced the Information Protection and Security Act, which enforces greater security amongst data brokers.
The Federal Trade Commission (FTC) is now launching an inquiry into Choicepoint's compliance with federal laws regarding information security.