Breach of Information

In February 2005, ChoicePoint, a corporation that collects and compiles information that includes personal and financial information on millions of consumers, disclosed that it been the victim of a security breach wherein it had sold personal information of almost 145,000 people to a criminal enterprise. The company first disclosed the breach only to California residents, as required by California's Notice of Security Breach law (Cal. Civil Code §1798.29), enacted in 2002. However, the company later disclosed that residents in other states, the District of Columbia and three territories also may have been affected by the ChoicePoint breach. Numerous other breaches of security at corporations, government agencies, and educational institutions have since been reported, and a majority of states have enacted security breach disclosure laws.

Security Breach Notification Legislation/Laws

Related NCSL Links

NCSL Contact: Pam Greenberg,  NCSL Denver Office.