choice point case study
The Choice Point case study.
Choice Point Case
1. Itemize the nature of the information security breach at ChoicePoint and how this adversely affected the organization. Be sure to include and indicate both tangible and intangible losses in preparing your response. [table]
Nature of the information security
Effects
Hacking – customer information was taken by the users who are not authorized
Lawsuit and the customers are not happy
Authentication failure
The more secured new system of authentication is required
Loss of customer trust
Customers do not trust the company anymore, new customers do not appear. Some employees could leave the company
Government investigation
A lot of fines and a destroyed reputation
2. What actions were taken by both ChoicePoint and the “authorities” to address the crisis, and what is your assessment of each action taken? [table]
Actions
Assessments
ChoicePoint contacts LAPD
Freeze the data first and then contact the police – less harm would have been done
LAPD
Request that ChoicePoint does not reveal the activity until the department conducts an investigation. Had to tell ChoicePoint to take action right away
LAPD
Notify ChoicePoint that it could get back to those customers whose data has been hacked. Had to say this before
ChoicePoint contacts the compromised customers
That was the decision of the police to let the customers know no earlier than this time, however customers deserved to know earlier
Open a hotline for the compromised consumers
Support of the victims, right decision
Set up the service: one year credit-report-monitoring
The decision is great to cover that what the victims lost and also keep the customers
Attorney initiates lawsuit
The customers who became victims of this sitution can claim the loss, right decision
Senate starts investigation
Could have started earlier, right decision
Northing reveals until the investigation is finished
Had to reveal before to save the company and
Choice Point Case
1. Itemize the nature of the information security breach at ChoicePoint and how this adversely affected the organization. Be sure to include and indicate both tangible and intangible losses in preparing your response. [table]
Nature of the information security
Effects
Hacking – customer information was taken by the users who are not authorized
Lawsuit and the customers are not happy
Authentication failure
The more secured new system of authentication is required
Loss of customer trust
Customers do not trust the company anymore, new customers do not appear. Some employees could leave the company
Government investigation
A lot of fines and a destroyed reputation
2. What actions were taken by both ChoicePoint and the “authorities” to address the crisis, and what is your assessment of each action taken? [table]
Actions
Assessments
ChoicePoint contacts LAPD
Freeze the data first and then contact the police – less harm would have been done
LAPD
Request that ChoicePoint does not reveal the activity until the department conducts an investigation. Had to tell ChoicePoint to take action right away
LAPD
Notify ChoicePoint that it could get back to those customers whose data has been hacked. Had to say this before
ChoicePoint contacts the compromised customers
That was the decision of the police to let the customers know no earlier than this time, however customers deserved to know earlier
Open a hotline for the compromised consumers
Support of the victims, right decision
Set up the service: one year credit-report-monitoring
The decision is great to cover that what the victims lost and also keep the customers
Attorney initiates lawsuit
The customers who became victims of this sitution can claim the loss, right decision
Senate starts investigation
Could have started earlier, right decision
Northing reveals until the investigation is finished
Had to reveal before to save the company and