Ask Question, Ask an Expert

+61-413 786 465

info@mywordsolution.com

Ask Management Information System Expert

The ChoicePoint Attack

ChoicePoint, the Georgia-based corporation, offers risk-management and fraud-prevention data. Traditionally, ChoicePoint provided motor vehicle reports, claims histories, and similar data to the automobile insurance industry; in recent years, it broadened its customer base to include general business and government agencies. Today, it also provides data for volunteer and job-applicant screening and data to assist in location of missing children. ChoicePoint has over 4,000 employees, and its 2004 revenue was $918 million.

In the fall of 2004, ChoicePoint was victim of the fraudulent spoofing attack in which unauthorized individuals posed as legitimate customers and obtained personal data on more than 145,000 individuals. According to a company's Web site:

These criminals were able to pass our customer authentication due diligence processes by using stolen identities to make and produce the documents needed to appear legitimate. As small business customers of ChoicePoint, these fraudsters accessed products which contained basic telephone directory-type data (name and address information) as well as a combination of Social Security numbers and/or driver's license numbers and, at times, abbreviated credit reports. They were also able to obtain other public record information including, but not limited to bankruptcies, liens, and judgments; professional licenses; and real property data.

ChoicePoint became aware of the problem in November 2004, when it noticed unusual processing activity on some accounts in Los Angeles. Accordingly, company contacted the Los Angeles Police Department, which requested that ChoicePoint not reveal the activity until the department can conduct an investigation. In January, the LAPD notified ChoicePoint that it can contact the customers whose data had been compromised.

This crime is an ex of the failure of authentication and not a network break-in. ChoicePoint's firewalls and other safeguards were not overcome. Instead, the criminals spoofed legitimate businesses. Infiltrators obtained valid California business licenses, and until their unusual processing activity was detected, appeared to be legitimate users.

In response to this problem, ChoicePoint established the hotline for customers whose data were compromised to call for assistance. They also purchased the credit report for each of these people and paid for a one-year credit-report-monitoring service. In February 2005, attorneys initiated the class-action lawsuit for all 145,000 customers with the initial loss claim of $75,000 each. At the same time, the U.S. Senate announced that it will conduct an investigation.

Ironically, ChoicePoint exposed itself to the public relations nightmare, considerable expense, a class-action lawsuit, a Senate investigation, and a 20 percent drop in its share price because it contacted the police and cooperated in the attempt to apprehend the criminals. When ChoicePoint noticed the unusual account activity, had it simply shut down data access for the illegitimate businesses, no one would have known. Of course, the 145,000 customers whose identities had been compromised would have unknowingly been subject to identity theft, but it is unlikely that such thefts could have been tracked back to ChoicePoint.
Source: choicepoint.com/news/statement_0205_1.html#sub1 (accessed February 2005). Used with permission of Choice.Point.com.

Answer the following problems:

problem1) Itemize the nature of the information security breach at ChoicePoint and how this adversely affected the organization.  Be sure to include both tangible and intangible losses in preparing your response.

problem2) What actions were taken by both ChoicePoint and the “authorities” to address the crisis, and what is your assessment of each action taken? 

problem3)What reactive steps by ChoicePoint might have mitigated their losses subsequent to their discovery of the information security breach?  describe/justify your choices. 

problem4) What proactive steps by ChoicePoint might deter a reoccurrence of such an information security breach?  describe/justify your choices.

Management Information System, Management Studies

  • Category:- Management Information System
  • Reference No.:- M9574

Have any Question? 


Related Questions in Management Information System

Question create an infographic using an infographic maker

Question : Create an infographic using an infographic maker, such as Piktochart, Venngage, or Canva, displaying an organization chart showing the following: The job titles provided in your summary and how they fit in wit ...

This assignment answer it in 4-6- page essay make sure you

This assignment; answer it in 4-6- page essay. Make sure you follow the Chicago writing style guide (cover page, page numbering, double space, headings/subheadings, etc). The use of required texts and readings from this ...

Assignment capabilities proposal you are a 10 million

Assignment : Capabilities Proposal You are a $10 million consulting company responding to a Capabilities Proposal for a prospective client. The client seeks an analysis of its existing network in anticipation of a large ...

This week we discuss the levels of care in the us

This week we discuss the levels of care in the U.S. healthcare system. There are three delivery mode options. The delivery mode you will be discussing depends on the first initial of your last name. See the table below. ...

Research the art and evolution of code breaking

Research the art and evolution of code breaking (cryptanalysis). Explore how it was achieved during World War II between the Axis and Allies in terms of Enigma and Ultra. Then research how its done today -compare and con ...

Discussion one of the challenges of big data and the use of

Discussion : One of the challenges of big data and the use of it to solve problems is understanding the context and quality of the data being used. This is particularly true when internal data is integrated with external ...

Question - are ltc beds the only place to put us are there

Question - Are LTC beds the only place to put us? Are there other alternatives that are more cost-efficient? Given issues of quality -- either perceived or actual -- in many LTCs, do we really even want to keep tradition ...

Question suppose dr smart has designed a 4des cipher which

Question : Suppose Dr. Smart has designed a 4DES cipher which encrypts data m in the following way: c= Dk4(Dk3(Ek2(Ek1(m)))), where E and D denote the encryption and decryption operation of DES. To break this cipher and ...

1 discussion questionsearch scholar google for a company

1. Discussion Question Search "scholar google" for a company, school, or person that has been the target of a network or system intrusion? What information was targeted? Was the attack successful? If so, what changes wer ...

Suburban homes construction project quality management plan

Suburban Homes Construction Project Quality Management Plan (QMP) Prepare a quality management plan using the elements described in the PMBOK 6e (Section 8.1.3.1) for the Suburban Homes Construction Project. Content Over ...

  • 4,153,160 Questions Asked
  • 13,132 Experts
  • 2,558,936 Questions Answered

Ask Experts for help!!

Looking for Assignment Help?

Start excelling in your Courses, Get help with Assignment

Write us your full requirement for evaluation and you will receive response within 20 minutes turnaround time.

Ask Now Help with Problems, Get a Best Answer

Why might a bank avoid the use of interest rate swaps even

Why might a bank avoid the use of interest rate swaps, even when the institution is exposed to significant interest rate

Describe the difference between zero coupon bonds and

Describe the difference between zero coupon bonds and coupon bonds. Under what conditions will a coupon bond sell at a p

Compute the present value of an annuity of 880 per year

Compute the present value of an annuity of $ 880 per year for 16 years, given a discount rate of 6 percent per annum. As

Compute the present value of an 1150 payment made in ten

Compute the present value of an $1,150 payment made in ten years when the discount rate is 12 percent. (Do not round int

Compute the present value of an annuity of 699 per year

Compute the present value of an annuity of $ 699 per year for 19 years, given a discount rate of 6 percent per annum. As