|
|
http://www.channelregister.co.uk/2007/12/04/admin_steals_consumer_records/
By Dan Goodin in San Francisco
4 Dec 2007
A senior database administrator for a consumer reporting agency in
Florida has admitted stealing more than 8.4 million account records and
selling them to a data broke. He netted $580,000 over five years from
the scheme.
William Gary Sullivan, a DBA for Fidelity National Information Services,
faces up to 10 years in federal prison and $500,000 in fines, although
prosecutors agreed to recommend a more lenient sentence in exchange for
his guilty pleas. He's also required to surrender all remaining proceeds
and pay restitution to his victims.
Working for a subsidiary called Certegy Check Services, Sullivan used
his access to Fidelity's database on to pilfer records that included
individuals' names, addresses and financial account information,
according to court documents. To cover his tracks, he incorporated a
business called S&S Computer Services, which sold the data to an
unindicted co-conspirator. The unidentified cohort, according to
authorities, then resold the consumer information to direct marketers,
including one called Strategia Marketing, which also went by the name
Suntasia.
The scheme first came to light in July, when Fidelity disclosed that an
employee absconded with 2.3 million records [1]. Fidelity was alerted to
the theft by a retail customer, which noticed a "correlation between a
small number of check transactions and the receipt by the retailer's
customers of direct telephone solicitations and mailed marketing
materials".
Fidelity later raised the estimate to 8.5 million records. The company
has said it is unaware of any identity theft or fraudulent financial
activity resulting from the theft. Rather, it believes the stolen
records were used for marketing purposes.
[1] http://www.theregister.co.uk/2007/07/04/fidelity_employee_steals_records/
__________________________________________________________________
Visit InfoSec News
http://www.infosecnews.org/