Skip Links

Fidelity National Information Services: Ex-worker stole 2.3 million customer records

Former database administrator responsible for data breach

By , Network World
July 03, 2007 11:30 AM ET

Network World - Fidelity National Information Services, a financial-processing company that is unrelated to Fidelity Investments, said today a senior-level database administrator at one of its subsidiaries stole 2.3 million consumer records containing credit card, bank account and other personal information.

“It’s a reminder that the best security systems are not immune to rogue employees,” said Renz Nichols, president of the subsidiary, Certegy Check Services, in a press conference today. The company uncovered the actions of the worker, who was terminated, in the beginning of May, Nichols said. He added that Certegy at this stage of the investigation believes that the database administrator didn’t transmit the files electronically over a network but may have stolen them by storing them sometime earlier this year in a device that could be carried out the door.

He said Certegy is working with the Tampa office of the U.S. Secret Service and the Pinellas County Sheriff’s Office in Florida to pursue prosecution of the individual, whom he declined to name.

However, a spokeswoman for Fidelity National Information Services has confirmed that the name of the ex-database administrator is William Sullivan, said to own a company called S&S Computer Services in Largo, Fla. Efforts to reach Sullivan and S&S Computer Services for comment were not successful.

The theft entails records, which include names, addresses, telephone numbers as well as bank-account and credit-card information. The database administrator allegedly sold this data for an undisclosed amount to a data broker, Certegy Check Services said.

The data broker in turn sold the information to various marketing firms. Certegy said the theft came to light when one of Certegy’s check-processing customers alerted Certegy to a correlation between a small number of check transactions and the receipt by the retailer’s customers of direct telephone solicitations and mail-marketing materials.

Certegy said it launched an investigation with the help of the U.S. Secret Service, which contacted the marketing companies to question them in order to trace the source of the data.

The U.S. Secret Service was able to identify the company supplying the information, and Certegy and the Secret Service determined the company was owned and operated by a Certegy employee.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News