Democrats, including Sens. Patrick Leahy of Vermont, Dianne Feinstein of California and Charles Schumer of New York, have been calling for a Judiciary Committee inquiry into whether more regulation of companies such as ChoicePoint Inc. that buy and sell personal data is needed.
"I got a letter from Senator Leahy yesterday on identity theft issue and I immediately said we can hold a hearing," said Senate Judiciary Chairman Arlen Specter, R-Pa.
Specter did not give a schedule for the hearings.
Formed in 1997 as a spin off of credit reporting agency Equifax Inc., ChoicePoint has 19 billion public records in its database at its suburban Atlanta headquarters, including motor vehicle registrations, license and deed transfers, military records, names, addresses and Social Security numbers.
It revealed last week that thieves apparently used previously stolen identities to open ChoicePoint accounts and received volumes of data on consumers, including names, addresses, Social Security numbers and credit reports.
ChoicePoint says 144,778 people may have been affected by the breach, while California authorities estimate up to 500,000. The ring operated for more than a year before it was detected and used the information to defraud at least 750 people, investigators said.
CBS News Correspondent Jim Acosta reports that, despite many consumers' lack of awareness of ChoicePoint or similar database agencies, these companies' security breaches have destroyed credit history and financial credibility for hundreds, and perhaps thousands, of Americans.
"We've talked to many individuals whose lives are essentially ruined because of erroneous information in the database," said Beth Givens, of Privacy Rights Clearinghouse.
One identity theft victim Acosta interviewed, Ronald Peterson, said he now has all sorts of aliases.
"I'm a female prostitute in Florida," Peterson said. "I'm a convicted manslaughterer in Texas."
Warren Lambert thought it was just another piece of junk mail until he read the letter more closely and learned that con artists may have obtained his Social Security number, name and address — just what they need to steal his identity and ruin his credit.
Lambert, a retired banker in San Francisco, now spends several hours a day phoning customer service agents, poring over credit card statements, ordering credit reports and checking bank accounts.
He worries that thieves will eventually do to him what sheriffs detectives in Los Angeles say they've done to more than 700 other people — reroute his mail, ring up credit card debts, buy a car or even commit a felony in his name.
"Now I have to be on a credit monitoring service and look over my shoulder for the rest of my life," said Lambert, 67. "I feel sorry for the younger victims who are eventually going to buy a house or a car. They'll try to buy and then they'll discover that their credit is ruined."
Feinstein says the ChoicePoint thefts prove that there needs to be federal regulation of information brokers, and that Americans need to have more control over their personal data.
"The ChoicePoint situation is perhaps the biggest indication of the vulnerability and lack of protection of individuals' personal data," she said.
She has introduced a bill that would expand nationwide a California consumer protection law that requires companies to tell people if there is a breach in their data systems. She also wants information brokers to be forced to ask permission from people to sell their most sensitive personal information.
Schumer, too, plans legislation that would create federal rules setting conditions under which companies can provide or sell access to private information.