AOH :: ISNQ4891.HTM

IT pro admits to stealing 8.4M consumer records




IT pro admits to stealing 8.4M consumer records
IT pro admits to stealing 8.4M consumer records



http://www.channelregister.co.uk/2007/12/04/admin_steals_consumer_records/ 

By Dan Goodin in San Francisco
4 Dec 2007

A senior database administrator for a consumer reporting agency in 
Florida has admitted stealing more than 8.4 million account records and 
selling them to a data broke. He netted $580,000 over five years from 
the scheme.

William Gary Sullivan, a DBA for Fidelity National Information Services, 
faces up to 10 years in federal prison and $500,000 in fines, although 
prosecutors agreed to recommend a more lenient sentence in exchange for 
his guilty pleas. He's also required to surrender all remaining proceeds 
and pay restitution to his victims.

Working for a subsidiary called Certegy Check Services, Sullivan used 
his access to Fidelity's database on to pilfer records that included 
individuals' names, addresses and financial account information, 
according to court documents. To cover his tracks, he incorporated a 
business called S&S Computer Services, which sold the data to an 
unindicted co-conspirator. The unidentified cohort, according to 
authorities, then resold the consumer information to direct marketers, 
including one called Strategia Marketing, which also went by the name 
Suntasia.

The scheme first came to light in July, when Fidelity disclosed that an 
employee absconded with 2.3 million records [1]. Fidelity was alerted to 
the theft by a retail customer, which noticed a "correlation between a 
small number of check transactions and the receipt by the retailer's 
customers of direct telephone solicitations and mailed marketing 
materials".

Fidelity later raised the estimate to 8.5 million records. The company 
has said it is unaware of any identity theft or fraudulent financial 
activity resulting from the theft. Rather, it believes the stolen 
records were used for marketing purposes. 

[1] http://www.theregister.co.uk/2007/07/04/fidelity_employee_steals_records/ 


__________________________________________________________________      
Visit InfoSec News
http://www.infosecnews.org/ 

Site design & layout copyright © 1986-2014 CodeGods