The fraudsters posed as legitimate companies to gain access to ChoicePoint's massive credit database, which is normally used by businesses such as credit reference agencies, marketing agencies and insurance firms. They may have viewed consumers' names, addresses, Social Security numbers and credit reports, according to the company.
ChoicePoint notified around 35,000 California residents earlier this week, advising them that their information might have been accessed.
While California is the only state that currently requires businesses that have been targeted by identity thieves to notify their customers of the breach, ChoicePoint is also warning another 110,000 consumers, based outside California, that their information may have been viewed.
At present, according to ChoicePoint, law enforcement agencies have identified around 750 people who have already been the victims of identity theft as a result of the breach.
"This is a serious issue which ChoicePoint is addressing aggressively," the company said in an alert on its web site.
According to the Los Angeles Times only one person has been arrested in connection with the scam so far: Olatunji Oluwatosin, 41, from Hollywood.
Elsewhere, hacker Nicholas Lee Jacobsen, who broke into the US network of mobile phone company T-Mobile and accessed details of around 400 customers – including those of a Secret Service agent who investigates internet identity thieves – pleaded guilty to a hacking charge on Tuesday.
He faces up to five years in prison and a fine of $250,000.