Ask Question, Ask an Expert

+1-415-315-9853

info@mywordsolution.com

Ask Management Information System Expert

The ChoicePoint Attack

ChoicePoint, the Georgia-based corporation, offers risk-management and fraud-prevention data. Traditionally, ChoicePoint provided motor vehicle reports, claims histories, and similar data to the automobile insurance industry; in recent years, it broadened its customer base to include general business and government agencies. Today, it also provides data for volunteer and job-applicant screening and data to assist in location of missing children. ChoicePoint has over 4,000 employees, and its 2004 revenue was $918 million.

In the fall of 2004, ChoicePoint was victim of the fraudulent spoofing attack in which unauthorized individuals posed as legitimate customers and obtained personal data on more than 145,000 individuals. According to a company's Web site:

These criminals were able to pass our customer authentication due diligence processes by using stolen identities to make and produce the documents needed to appear legitimate. As small business customers of ChoicePoint, these fraudsters accessed products which contained basic telephone directory-type data (name and address information) as well as a combination of Social Security numbers and/or driver's license numbers and, at times, abbreviated credit reports. They were also able to obtain other public record information including, but not limited to bankruptcies, liens, and judgments; professional licenses; and real property data.

ChoicePoint became aware of the problem in November 2004, when it noticed unusual processing activity on some accounts in Los Angeles. Accordingly, company contacted the Los Angeles Police Department, which requested that ChoicePoint not reveal the activity until the department can conduct an investigation. In January, the LAPD notified ChoicePoint that it can contact the customers whose data had been compromised.

This crime is an ex of the failure of authentication and not a network break-in. ChoicePoint's firewalls and other safeguards were not overcome. Instead, the criminals spoofed legitimate businesses. Infiltrators obtained valid California business licenses, and until their unusual processing activity was detected, appeared to be legitimate users.

In response to this problem, ChoicePoint established the hotline for customers whose data were compromised to call for assistance. They also purchased the credit report for each of these people and paid for a one-year credit-report-monitoring service. In February 2005, attorneys initiated the class-action lawsuit for all 145,000 customers with the initial loss claim of $75,000 each. At the same time, the U.S. Senate announced that it will conduct an investigation.

Ironically, ChoicePoint exposed itself to the public relations nightmare, considerable expense, a class-action lawsuit, a Senate investigation, and a 20 percent drop in its share price because it contacted the police and cooperated in the attempt to apprehend the criminals. When ChoicePoint noticed the unusual account activity, had it simply shut down data access for the illegitimate businesses, no one would have known. Of course, the 145,000 customers whose identities had been compromised would have unknowingly been subject to identity theft, but it is unlikely that such thefts could have been tracked back to ChoicePoint.
Source: choicepoint.com/news/statement_0205_1.html#sub1 (accessed February 2005). Used with permission of Choice.Point.com.

Answer the following problems:

problem1) Itemize the nature of the information security breach at ChoicePoint and how this adversely affected the organization.  Be sure to include both tangible and intangible losses in preparing your response.

problem2) What actions were taken by both ChoicePoint and the “authorities” to address the crisis, and what is your assessment of each action taken? 

problem3)What reactive steps by ChoicePoint might have mitigated their losses subsequent to their discovery of the information security breach?  describe/justify your choices. 

problem4) What proactive steps by ChoicePoint might deter a reoccurrence of such an information security breach?  describe/justify your choices.

Management Information System, Management Studies

  • Category:- Management Information System
  • Reference No.:- M9574

Have any Question? 


Related Questions in Management Information System

Assignment the prisoners dilemma what is in my best

Assignment : The Prisoner's Dilemma; What is in My Best Interest? We learned in earlier discussions that according to Aristotle and Bentham, one's happiness was the highest goal. Enter social contract. How does one ensur ...

Note do not turn your case studies project 1 into your

Note: Do not turn your case studies (project 1) into your presentation. Digital media has changed the ways ideas, information, and arguments in society are communicated both locally and globally. Individuals and organiza ...

B bakery is a family owned firm with around 70 employees

B Bakery is a family owned firm with around 70 employees and sales revenue increased to more than $ 13.5 million during the past year. It has been in business for over 50 years and supplies bread and confectionary produc ...

Electronic health records ehr - discussionusability of the

Electronic Health Records (EHR) - Discussion Usability of the EHR Search the Web for information on the issue of usability and making the EHR more user friendly. 1. Compose a response discussing some of the key issues cl ...

Dbfind a current event article must be related to it policy

DB Find a current event article (must be related to IT Policy or Information Management Systems), create a mind map, and write a two to three paragraph summary of the article that includes three questions for the class a ...

Write a two to three 2-3 page paper in which you1analyze

Write a two to three (2-3) page paper in which you: 1. Analyze major technological innovations from the last five (5) years to determine the most significant innovation for entrepreneurs. Provide specific examples of how ...

Question 1 impact of long-term infrastructure decisionsread

Question 1. Impact of Long-Term Infrastructure Decisions Read the articles Total Cost of Ownership: Factors to Consider, 9 Questions to Ask Before Signing a Cloud Computing Contract, and Strengthening Your Core with Netw ...

Technical paper final project planespecially for you

Technical Paper: Final Project Plan Especially for You Jewelers is a small jewelry company in a college town. Over the last couple of years, it has experienced a tremendous increase in its business. However, its financia ...

The assessment that you will produce this week is an

The assessment that you will produce this week is an analysis of the hardware platforms and IO devices that are in place within the IT system. It is likely that you will encounter many different data processing platforms ...

Case studyas the business continuity manager you assign

Case Study As the Business Continuity Manager, you assign responsibilities for the completion of the Business Impact Analysis to each member of your team. You explain to your staff that they will be responsible to calcul ...

  • 4,153,160 Questions Asked
  • 13,132 Experts
  • 2,558,936 Questions Answered

Ask Experts for help!!

Looking for Assignment Help?

Start excelling in your Courses, Get help with Assignment

Write us your full requirement for evaluation and you will receive response within 20 minutes turnaround time.

Ask Now Help with Problems, Get a Best Answer

A cola-dispensing machine is set to dispense 9 ounces of

A cola-dispensing machine is set to dispense 9 ounces of cola per cup, with a standard deviation of 1.0 ounce. The manuf

What is marketingbullwhat is marketing think back to your

What is Marketing? • "What is marketing"? Think back to your impressions before you started this class versus how you

Question -your client david smith runs a small it

QUESTION - Your client, David Smith runs a small IT consulting business specialising in computer software and techno

Inspection of a random sample of 22 aircraft showed that 15

Inspection of a random sample of 22 aircraft showed that 15 needed repairs to fix a wiring problem that might compromise

Effective hrmquestionhow can an effective hrm system help

Effective HRM Question How can an effective HRM system help facilitate the achievement of an organization's strate