Federal regulators may have intensified their probe of ChoicePoint Inc., the data broker under fire for disclosing sensitive information about at least 150,000 people to scam artists.
On Monday, Alpharetta, Ga.-based ChoicePoint said in a quarterly filing that it had been notified that the Securities and Exchange Commission was conducting "an investigation" related to the unintended disclosures as well as stock sales by top executives.
In its quarterly filing to shareholders three months earlier, the company said it had been contacted as part of an "informal inquiry" by the agency.
Although that might appear to be a trivial change in wording, former SEC attorneys and other experts said it probably signaled an upgrade to a formal investigation authorized by the SEC commissioners.
The SEC declined to comment Tuesday.
"You don't casually drop 'informal inquiry' and substitute 'an investigation' unless there has been a formal investigation opened pursuant to an order," said Bob Davis, a former Justice Department attorney who now defends SEC targets.
If that's the case, SEC investigators would have the power to subpoena documents and compel witnesses to testify.
"The language to me sounds ambiguous, but it would seem to indicate that the status of the investigation has changed," said Gregory Lawrence, a former senior counsel at the SEC's enforcement division.
The SEC tends to approve formal investigations when it believes there is a likelihood that the law has been broken, and such a step "absolutely" increases the chances of an enforcement action, Lawrence said. He cautioned that he had no knowledge of ChoicePoint's specific case.
Said Chuck Jones, a spokesman for the company, "ChoicePoint cannot comment on the current SEC activity." He would not say whether the company had received any subpoenas.
ChoicePoint's disclosures in February that it had exposed credit reports and other data to Los Angeles-area con men posing as legitimate business customers triggered alarms.
Reports of major security breaches at other firms have followed, and Congress is weighing a raft of legislation that would give consumers more control of the vast amounts of data about them that are being sold.
The SEC is looking into ChoicePoint's role in facilitating identity theft, as well as stock sales by the company's chief executive and chief financial officer before the problems became public knowledge.
The Federal Trade Commission and a number of state attorneys general also are investigating, and several private lawsuits have been filed.
In its quarterly report Monday, ChoicePoint said it expected to notify still more consumers that their data were exposed in other incidents.
In an unrelated matter, the company disclosed that it had agreed to pay as much as $7 million to settle an Illinois class-action lawsuit by insurance agents.
The agents said ChoicePoint took information from their inquiries about potential insurance clients and then sold the names back to them and to competitors as sales leads.