Choicepoint Attack Case Study

Topics: Computer security, Identity theft, Authentication Pages: 3 (735 words) Published: December 2, 2013
The ChoicePoint Attack

Questions to be used as homework assignment prior to the case discussion or as the basis for a case discussion in class:

Choice Point Case

1. Itemize the nature of the information security breach at ChoicePoint and how this adversely affected the organization. Be sure to include and indicate both tangible and intangible losses in preparing your response. [table] Fraudsters pose as legitimate customers, with the required documents, gathering personal information of other customers Tangible: Nothing really obviously wrong at this point, nothing unusual Intangible: Fraudsters are silently collecting personal information about ChoicePoint customers to be used later Use this information to gather further information including Social Security Numbers, Credit Report info, and Drivers License Numbers Tangible: Still no unusual activity to make ChoicePoint suspicious Intangible: Fraudsters getting even deeper in their infiltration, collecting more sensitive information as they gather the basic information which gives them access to the rest Building profiles on all of the customers, they are able to commit identity thefts on a large scale Tangible: Loss of customers, loss of faith in the company

Intangible: Loss of some sensitive information, however the company still has the information, just it is no longer secret or secured

2. What actions were taken by both ChoicePoint and the “authorities” to address the crisis, and what is your assessment of each action taken? [table] ChoicePoint
Authorities
Nov. 2004 unusual activity to LAPD, comply with Authorities
Request that ChoicePoint keeps it private for now, so as to not cause chaos Jan. 2005 allowed to alert the affected customers
Grants access for ChoicePoint to talk about the committed crimes Feb. 2005 established assistance hotline for affected customers, pays for credit reports and one year of credit-report-monitoring for each affected client Attorneys representing the...
Continue Reading

Please join StudyMode to read the full document

You May Also Find These Documents Helpful

  • case study Essay
  • Case Study Essay
  • case study Essay
  • Shark Attack Case Study Essay
  • Essay about Mk Case Study
  • Case Study 1 Essay
  • NATS Case study Essay
  • ESR case study Essay

Become a StudyMode Member

Sign Up - It's Free