ChoicePoint Inc. has 19 billion data files, full of personal information about nearly every American adult. In minutes, it can produce a report listing someone's former addresses, old roommates, family members and neighbors. The company's computers can tell its clients if an insurance applicant has ever filed a claim and whether a job candidate has ever been sued or faced a tax lien.

But last October, after its databases were accessed by a man bent on identity theft, there was one thing ChoicePoint struggled to do: Figure out just what records had been stolen.

"They said it was a huge task and they didn't have the staff to do it," says Lt. Robert Costa, head of the Los Angeles County sheriff's department identity-theft squad. "Apparently their technology wasn't built so you were able to find the electronic footsteps these guys left."

Months passed before ChoicePoint was able to estimate the number of people whose personal data had been compromised, which it pegged at--5,000. It couldn't say whether any of the data had been used to steal from the victims or get fraudulent loans. The sheriff's department, meanwhile, came to more alarming conclusions. It estimated that data had been downloaded on millions of people, and used to run up millions of dollars in fraudulent credit-card charges.

The vulnerability of the company's data and its difficulty in tracking the breach point to a paradox. ChoicePoint and similar data sellers pitch their troves of private information as a hope for restoring personal security to a society fraught with anxiety over terrorism and crime. The chief executive of ChoicePoint, Derek Smith, espouses a thesis that society is better off if everyone can check the background of anyone else. Yet the very existence of these vast information stockpiles -- vulnerable to both error and poaching -- has spawned a new area of worry and risk.

For a time last year, one could even buy ChoicePoint background-check kits at Sam's Club for $39.99, though ChoicePoint says it required buyers to prove valid business purposes for using them. It pulled the product after a few months, saying it had been just a test.

The massive data theft at ChoicePoint wasn't the result of crafty computer hackers using a sophisticated technology. An imposter defeated the defenses with rudimentary means: simply claiming over the phone and on written forms to be somebody he wasn't.

Other cases hint at how frequent such breaches may be. They include dozens of incidents disclosed by Reed Elsevier PLC's LexisNexis, another big personal database, plus the loss or improper disclosure of data on millions of people by some banks, credit-card processors, universities and mutual funds. Just Monday, Time Warner Inc. disclosed the loss during shipment of personal information on 600,000 current and former employees.

ChoicePoint, which became a stock-market favorite by acquiring a host of companies that collect public records and personal data, now is the subject of multiple inquiries. Investigators include the Federal Trade Commission and several state attorneys general, in addition to the Los Angeles sheriff. The Securities and Exchange Commission is looking at stock sales made by top executives between the time the problem was discovered and when it was announced.

Meanwhile, the breach at competitor LexisNexis is the subject of a probe led by a California district attorney's task force. Parent company Reed Elsevier said in March it was "working with law enforcement for further insight and assistance on new practices and techniques for thwarting criminal activities." Several states and Congress are considering new legislation to make sure people are notified if information on them is mishandled.

ChoicePoint, based in Alpharetta, Ga., says it goes to great lengths to make sure only authorized users get access to its stores of personal data. Mr. Smith, its chairman and chief executive, says the company, which previously focused its products on protecting businesses from fraud, must work to include consumers more.

"The needs of consumers and society must be the central focus of our company's and our industry's efforts," Mr. Smith said in a statement Monday. "We believe regulation will give consumers additional protections, remove risk from the industry model and ensure all competitors are playing on the same, level field."

In response to the theft, ChoicePoint says it is "re-credentialing" business clients to be sure they can access only the data to which they are entitled. It plans to require site visits for business customers accessing sensitive consumer data. The company says private investigators and some debt collectors will be allowed to see only "truncated versions" of Social Security numbers, driver's licenses and credit reports.

"We've changed our business model" to prevent anything similar from happening, says a spokesman, Dan McGinn. He says ChoicePoint also now favors allowing consumers themselves wider access to information it stores on them, though it's still working out details.

As for the delay in tracking what was stolen last fall, Mr. McGinn says: "Every organization that has been the victim of this sort of crime understands that the task of retracing the trail of cyberthieves is an endlessly complex job."

ChoicePoint collects data from insurers and an extensive network of contractors who scoop up nuggets from public filings, financial-services firms, phone directories and forms people fill out when applying for loans. Pointing to 7.3 million background checks it did last year, the company says just .0008 percent have been shown to contain incorrect information.

But for ChoicePoint, the theft has cracked an image carefully crafted by Mr. Smith, its charismatic 50-year-old leader, whose message is that broadening the ability to check backgrounds can reduce crime and make the U.S. economy more efficient.

"The way to protect society is to restore the very best of small-town life," Mr. Smith wrote in "Risk Revolution," a book published last year. "Technology, responsibly used ... can rekindle the sense of community, security and safety." In an interview in March, he warned of the problem that Americans "have more and more relationships with people we know less and less about."

Mr. Smith grew up in what he has called the 1960s Steven Spielberg idyll of Sayville, N.Y., and then played wide receiver at Penn State for the legendary football coach Joe Paterno. In 1993, while working at Equifax Inc., he began running a unit that stored information to help insurers and banks tell if customers were creditworthy. Seeing how this could be combined with other publicly available information to create complex databases, Mr. Smith launched a blaze of acquisitions. A single purchase brought in 1,600 online databases containing mountains of criminal, bankruptcy, court-judgment and lien information.

In 1997, Equifax spun off the unit into a publicly traded concern with Mr. Smith as CEO. It took the name of ChoicePoint, signaling that it would help clients make smart decisions when they reach a "choice point."

ChoicePoint took over a host of niche databases, such as those with birth, death and divorce records, and its stock more than tripled by the end of 2000. It has acquired 57 companies since the spinoff and announced another planned acquisition Monday, a fraud-detection firm called Magnify Inc., to be bought for an undisclosed amount.

Some have brought complications. Consider DBT Online, owner of databases such as AutoTrack, which offers comprehensive reports based on data about people's homes, property, associates and legal affairs. ChoicePoint bought DBT two years after its founder left in a disagreement with other management. The founder, Hank Asher, a brilliant but unorthodox technology pioneer, founded a new company, Seisint, and he and ChoicePoint soon were embroiled in messy litigation over technology and his noncompete agreement, not settled until March. (Seisint is now part of Reed Elsevier.)

At DBT, some displayed their resistance to ChoicePoint's 2000 takeover by wearing DBT shirts when ChoicePoint managers visited. Tension developed between workers from various acquired companies and the original employees who came from Equifax, some of whom were getting rich on early stock options.

During the disputed 2000 presidential vote in Florida, a DBT database that was used to remove felons from voter rolls wrongly included some people, sometimes because of similarities in name. ChoicePoint says DBT had warned state officials of potential mistakes, only to be told to proceed; it adds that it didn't acquire DBT until after the purging of the voter rolls.

In January 2001, ChoicePoint paid a $1.3 million fine to the state of Pennsylvania after one of its vendors transmitted driver's-license data via the Internet.

Then traumatic events -- the Sept. 11 terrorist attacks and the Washington-area sniper case -- lent credence to Mr. Smith's concept that access to personal data can make people safer. ChoicePoint helped do background checks for a new corps of airport screeners, and it was a resource for companies that wanted to check employees more carefully.

Investigators of the sniper attacks used its databases to track the blue Chevrolet Caprice in which the suspects were arrested. A ChoicePoint DNA lab helped identify victims of Sept. 11. More recently, the company sent technicians to advise governments trying to use DNA to identify Indian Ocean tsunami victims.

Alongside these benefits, though, has been a steady stream of incidents in which its databanks appear to have misserved people like Bettye Marshall.

When Ms. Marshall got a $6,000 home-improvement loan from a credit union in April 2003, she had to pay relatively high interest because of a weak credit score. The credit check had showed a court ruling ordering her to pay overdue rent to a former landlord in a Washington, D.C., suburb.

But the judgment had been caused by a court error and vacated by a judge -- facts that didn't make it into her credit history. It turned out that a ChoicePoint contractor at a courthouse hadn't properly updated the file, and that Equifax, the credit bureau, purchased the erroneous entry from ChoicePoint.

"The only thing you have is your good name," says Ms. Marshall, 61, who filed suit against both companies. A ChoicePoint court filing called the slip "a one-time lapse in ... updating." In late March a federal judge in the District of Columbia dismissed her suit after ruling that ChoicePoint had met its obligation under federal law to investigate and fix the error once notified.

In another case, Boston Market Corp. fired a restaurant worker after a ChoicePoint background check showed felony convictions he hadn't listed on his application. The report should have described the convictions -- for larceny and criminal impersonation -- as misdemeanors.

The fired man, Randy Cruz, now has a libel and slander suit against Boston Market (a unit of McDonald's Corp.) and the manager who fired him. They, in turn, have sued ChoicePoint, maintaining that it owes them damages if they are found liable to Mr. Cruz. In federal court in Connecticut, where all the litigation is pending, ChoicePoint has said that it "followed reasonable procedures to assure maximum possible accuracy" for the background check.

Beyond the problem of wrong data is that of wrong clients. A former ChoicePoint marketing manager says her colleagues often discussed how hard it was to verify someone claiming to be a private investigator eligible to access data. But the former executive, Mimi Bright Ribotsky, isn't sure the company sufficiently appreciated the problem. "I didn't think people realized what could happen as far as information getting into the wrong hands," says Ms. Ribotsky, who says she left in 2002 to attend to her family and remains a ChoicePoint admirer.

The problem ChoicePoint is coping with now began in mid-October, when the employees grew suspicious that a dozen small-business users of AutoTrack had fraudulently gained access. According to later court testimony by L.A. County sheriff's department detective Duane Decker, ChoicePoint first alerted the department on Oct.--, then called two weeks later with new concerns.

The company said a caller with a distinctive foreign accent, identifying himself as James Garrett of MBS Collections, applied for an account that would give him access to ChoicePoint data. In another phone call, what sounded like the same man identified himself as John Galloway of Gallo Financial, also applying for an account. Faxed driver's licenses for both applicants arrived, with photos that, like the voices, seemed identical.

Sheriff's investigators set up a sting. When "James Garrett" called again, the firm, at a detective's instruction, told him to go to a Copymat store on Sunset Boulevard to pick up a fax. There, investigators confronted a man named Olatunji Oluwatosin. He dropped to the ground ChoicePoint applications that bore both the MBS and Gallo business names.

The applications, reviewed by The Wall Street Journal, suggest how much ChoicePoint depended on the honor system in deciding whom to let see its trove of personal information. A one-page form asked the applicant for basic data such as phone and fax numbers, a business-license number and an email address. In a field asking for the proposed business use for the databases, "James Garrett" and "John Galloway" wrote, "We use the services for collecting debt." Fine print from ChoicePoint near the bottom of the form warned: "Data use(s) limited to listed, appropriate business purposes."

ChoicePoint's Mr. McGinn says the vetting process in that period included some checks of documentation, but that in this case, vulnerabilities were exploited. He says the company has since plugged the holes in its vetting process.

A search of Mr. Oluwatosin found five cellphones listed in various names, some with numbers that had been used to open accounts at ChoicePoint. The search also found three credit cards issued in different names. The credit accounts had been fraudulently opened, Detective Decker later testified in California Superior Court in Los Angeles, adding that investigators quickly found about $20,000 in fraudulent charges in them.

Next, investigators used information found at Mr. Oluwatosin's home to search some post-office boxes. They pieced together an initial list of 700 people whose mail someone had redirected -- a common tactic of identity thieves. That number is now in the thousands, police say.

On Mr. Oluwatosin's kitchen counter, detectives found printouts from ChoicePoint databases, showing that ChoicePoint accounts had been used to make 17,000 searches, Mr. Decker testified. He estimated that personal information might have been downloaded on as many as four million people this way. ChoicePoint disputes that estimate but says the number of victims may grow higher than the--5,000 it has so far acknowledged.

Mr. Smith initially said this breach was ChoicePoint's first. In a securities filing, however, the company soon acknowledged a "limited" number of prior ones. And ChoicePoint's president, Douglas Curling, later told a Senate hearing that "between 45 and 50" previous data breaches had occurred, some of them resulting in criminal convictions.

A spokesman says Mr. Smith misspoke and what Mr. Curling meant to say was that 45 to 50 fake accounts had been uncovered in the current investigation. The spokesman wouldn't say how many consumers were affected.

On Oct. 26, the day before the sting, ChoicePoint directors cleared the company's two top executives to carry out large prearranged stock sales, under an SEC rule that allows sales as long as officers don't have material nonpublic information. The plan let Mr. Smith sell up to 11 percent of his stake in the company and Mr. Curling up to 13 percent of his.

Both sold shares in November, according to Thomson Financial, and continued selling up to the time in February when ChoicePoint began notifying consumers that data on them might have been compromised. After the breach became publicly known, ChoicePoint's stock fell. It's now off about 18 percent from its peak in early February. The stock-sale program was halted in March.

ChoicePoint declined to provide further details about the stock sales, citing the SEC investigation. Mr. Smith has said that the two executives didn't know about the database breach until January, well after they had set up their stock sales, and that the sales were proper.

Since Mr. Oluwatosin's arrest, local, state and federal investigators have concluded he was part of a major identity-theft ring that used ChoicePoint to gain personal data to conduct larger frauds. They believe the ring breached insurance companies, mortgage companies and other firms that store personal data. Mr. Decker says in an interview that investigators consider the ring responsible for "millions" of dollars in fraudulent charges. They also believe it paid workers at various companies who handle sensitive data to provide it to black marketers who sell identities for $2,000 to $7,000 each.

Mr. Oluwatosin pleaded no contest in February to one count of felony identity theft in California Superior Court in Los Angeles. He is serving a 16-month sentence in state prison.

Privacy Peril

A few of the incidents of personal-information theft or loss disclosed this year.

Data stolen
ChoicePoint: Names, addresses,--5,000(1), Social Security numbers
DSW Shoe Warehouse: Credit-debit-card and 1.4 million driver's-license numbers
LexisNexis: Social Security and 310,000 driver's-license numbers

Data lost
Bank of America: Social Security numbers 1.2 million
Time Warner: Social Security numbers, 600,000 employee information

(1)Los Angeles County Sheriff's Department estimates this number could be in the millions.
Sources: WSJ research; Associated Press; the companies