SEC probing ChoicePoint stock sales

R.A. Hettinga rah at shipwright.com
Fri Mar 4 13:22:49 EST 2005 

<http://www.msnbc.msn.com/id/7087572/print/1/displaymode/1098/>
  MSNBC.com

SEC probing ChoicePoint stock sales
Execs sold shares before ID thefts made public
The Associated Press
Updated: 10:30 a.m. ET March 4, 2005


ATLANTA - ChoicePoint Inc., a leading data warehouser, says the Securities
and Exchange Commission is investigating stock sales by its top two
executives and the embattled company has decided to stop giving personal
information about consumers to small businesses. Its shares tumbled on the
news.

The dual announcements were made Friday by the Alpharetta, Ga.-based
company in a news statement and a regulatory filing.

The SEC probe involves sales of stock by chief executive Derek Smith and
president Douglas Curling for a $16.6 million profit in the months after
the company learned its massive database had been breached and before that
was made public.

ChoicePoint's stock had dropped about 10 percent since the personal
information breach at the data collector was announced Feb. 15. On Friday,
ChoicePoint shares fell $2.43, or 6 percent, to $37.85 in early trading on
the New York Stock Exchange.

Corporate governance experts say the pattern and timing of the trading by
Smith and Curling raise questions, while ChoicePoint has said the stock
trading was prearranged under a plan approved by the company's board.

The decision to stop selling data to small businesses was made because that
was the segment of the company that thieves tapped into to gain access to
ChoicePoint's database. Smith said in a statement that the decision follows
"the response of consumers who have made it clear to us that they do not
approve of sensitive personal data being used without a direct benefit to
them."

ChoicePoint said it will stop selling information products that contain
sensitive consumer data, including Social Security numbers, to small
businesses, except in limited cases where the products support federal,
state or local government purposes.

Last month, ChoicePoint said it was notifying about 145,000 Americans that
their Social Security numbers and other personal information may have been
viewed by criminals posing as legitimate ChoicePoint customers. The company
said Friday that the number of potentially affected customers may increase,
but it doesn't believe the increase will be substantial.

ChoicePoint has said repeatedly it learned of the breach in October, but
delayed disclosing it because it said California authorities had asked it
to keep quiet to protect the fraud investigation. It said in a detailed
explanation Friday that it first learned of the possibility of fraud on
Sept. 27. A similar breach involving 7,000 to 10,000 ChoicePoint records
occurred in 2002.

ChoicePoint said Friday the SEC has notified the company that it is
conducting an informal inquiry of the stock sales as well as the
circumstances surrounding the possible theft of people's identities in
connection with the breach of its database. The stock sales occurred
between November and February.

ChoicePoint said it will cooperate with the probe and "provide requested
information and documents to the SEC."

The company also said in a lengthy regulatory filing that the Federal Trade
Commission is conducting an inquiry into its compliance with federal laws
governing consumer information security and related issues.

The FTC has asked for information and documents regarding ChoicePoint's
customer credentialing process and the recent incident in Los Angeles
involving a Nigerian man who was accused of committing fraud using consumer
information from the company's database.

The company said it is a defendant in several lawsuits and complaints
arising from the breach. It said it could not estimate the financial impact
on the company of the customer fraud and related events.

It wasn't immediately clear how many customers the decision on small
businesses affects. ChoicePoint said Feb. 21 when it decided to rescreen
17,000 small business customers that that action affected 5 percent of its
annual revenue of $900 million.

In Friday's regulatory filing, it said that because it will no longer sell
information to small businesses, it expects a decline in core revenue this
year of $15 million to $20 million.

-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list