DMGChoicePoint Unrepentant, Unforgivable
This guys is so full of shit, I can't believe it. He says:
We worked with (authorities) and did the right thing disclosing the breach where a lot of companies may not have ever disclosed this. A lot of companies may not have ever disclosed this. Our vision is to make a safer, more secure world through the responsible use of information.
But as the editor of the interview pointed out, "ChoicePoint initially disclosed the theft only to Californians, as required under the state's breach notification act." Only after a public outcry were all 145,000 victims notified.
Baich blames, of all people, the media for the bad press this has generated. He says the frenzy presesents "a negative impression that suggests we failed to provide adequate protection."
But ChoicePoint did fail to protect the public. From ChoicePoint's website:
In a time when mouse clicks take the place of handshakes, and decision times are down to seconds, it is becoming increasingly important to know who you are doing business with. You need to be confident that a business is legitimate and protect your company's assets and reputation. ChoicePoint offers several cost-effective solutions to screen companies and business partners.
ChoicePoint couldn't even protect themselves.
Baich says that the theft was accomplished by an individual who, "circumvented our customer credentialing process by providing fraudulent documents, like business licenses, and became an authorized customer; i.e., the fraud." That's not the media's fault, and splitting hairs about what kind of breach this was does nothing to help ChoicePoint's reputation or the public's security.
Baich seems to be making the case that this was fraud, rather than a "computer hack". That's splitting hairs. Any security expert will tell you that the weak link in many security systems isn't technological, it's social, or personal. The fact that the thief used social engineering to breach their security doesn't mean that ChoicePoint couldn't have seen this coming. It means that ChoicePoint didn't take security seriously.
Rich Baich is a moral cripple who keeps trying to sell the notion that the breach wasn't ChoicePoint's fault, or that it isn't as serious as we think. He never learned to be a man. When you screw up, there is only one acceptable course of action: Apologise, and tell the people you've wronged how you plan to make it right, and why it won't happen again. Period.
This whole fiasco started because ChoicePoint is bad at what they do: verrifying identity and providing background checks. It's time for them to admit that.