January ended with the sensational news of Choicepoint's settlement with the FTC. The company had to shell out a whopping $15 million for a security breach that resulted in 160,000 people being exposed to identity theft. $10 million was in the form of a federal fine and $5 million to be paid into a fund to compensate people who may have suffered as a result of the breach.

The FTC said that this is the largest civil penalty it has ever imposed.

Last year, Bank of America Corp. lost computer data tapes containing personal information on 1.2 million federal employees, including some members of the U.S. Senate.

A 2003 FTC survey estimated that nearly 10 million consumers discovered that they were victims of some form of identity theft in the preceding 12 months, costing American businesses an estimated $48 billion in losses and costing consumers an additional $5 billion in out-of-pocket losses.

The identity theft survey also found that victims of the two major categories of identity theft cumulatively spent, almost 300 million hours- or an average of 30 hours per person-correcting their records and reclaiming their credit. Consumers must wonder, what more can be done to correct these problems?

The FDIC recently voted in favor of requiring banks to warn customers when there has been a suspected case of identity theft. The type of information covered by the new rule is "sensitive customer information," which is defined as a customer's name, address or phone number, in conjunction with social security or driver's license numbers, account, credit or debit card numbers, or an identification number that permits access to an account.