The Federal Trade Commission has struck a $15 settlement with ChoicePoint, the credit data outfit over the company’s security breaches in 2004, reports the New York Times . ChoicePoint happily sold credit histories to fake businesses that used the data to steal consumer’s identities.

The government says there were obvious red flags in the fraudulent applications, like they were all faxed from the same number and the addresses were mail drops and the only phone numbers for the fake businesses were cell phone numbers.

The company has promised to do better in future and will have its security procedures monitored as part of the settlement. The story only came to light because California law requires consumers be notified and the company was forced to out itself by telling the victims of its laxity in the Golden State what had happened.

It’s hard not to disagree with Sen. Charles Schumer (D-N.Y.) who says they got off lightly. The $10 million is a record but it’s not huge compared with the potential damage. One sure sign they got a good deal: A spokesman said, “We … believe it’s in the best interests of everyone to put this behind us.”