Ads by TechWords

See your link here
Receive the latest technology news and information.
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

Database admin steals 2.3M consumer records at Fidelity National subsidiary

The data included names, addresses, birth dates, bank account and credit card information

July 3, 2007 12:00 PM ET

Computerworld - Call it the case of hiring a fox to guard the hen house. A senior database administrator at a subsidiary of Fidelity National Information Services Inc. who was responsible for defining and enforcing data access rights at the company instead took data belonging to about 2.3 million consumers and sold it to a data broker.

The broker in turn sold a subset of the data to other marketing companies. The stolen data included names, addresses, birth dates, bank account and credit card information, the company said in a statement released today.

For the moment at least, it appears that the companies that bought the information have mainly used the data to send marketing solicitations to affected individuals, Fidelity said in its statement.

Fidelity National Information Services describes itself as a provider of "core financial institution processing, card issuer and transaction processing services, mortgage loan processing and related information products and outsourcing services to financial institutions, retailers, mortgage lenders and real estate professionals." It is separate from the better-known Fidelity Investments.

"We have no reason to believe that the theft resulted in any subsequent fraudulent activity or financial damage to the consumer," Renz Nichols, president of Fidelity subsidiary Certegy Check Services Inc. was quoted as saying in the release.

The database administrator, who has since been terminated, worked for Certegy, which provides a check-authorization service to help merchants decide whether to accept checks as payment for goods and service.

The theft was first noticed when one of Certegy's retail customers in early May reported a correlation between a "small amount" of check transactions and the receipt by the retailers' customers of telephone and mailed marketing solicitations, Fidelity said.

When an internal Certegy investigation prompted by the compliant failed to find any evidence of a computer breach, the company asked the U.S. Secret Service to contact the companies sending the solicitations to trace the data source.

The investigation showed that the source of the data was a company owned by the Certegy database administrator who had also stolen the data. To avoid detection, the administrator appears to have downloaded the data to a storage device rather than transmit it electronically. It wasn't until the middle of last week or so that the full extent of the theft was discovered, a Fidelity spokeswoman said this morning.

Certegy has begun notifying the 2.3 million affected customers about the potential compromise of their data, the spokeswoman said. It has also filed a civil complaint in St. Petersburg, Fla., against the database administrator and the companies that received the stolen data asking them to return it, she said.

In a statement, Fidelity president and CEO Lee Kennedy expressed his "deep sadness and heartfelt apology" over the incident. "We will do everything possible to ensure no consumer is harmed because of this horrible betrayal," he said.



Jump to comments

Fidelity

Additional Resources

WHITE PAPER
Approximately 60 percent of data migration projects overrun time or budget, while some fail completely. Download this white paper, "Enhancing Your Chance for Successful Data Migration," to learn the critical steps you need to take to execute a data migration project with minimum cost and risk to your business.
WHITE PAPER
Read the Gartner research note to learn why the TCO of a server-based computing deployment used to deliver all applications to users is around 50% lower than that of an unmanaged desktop deployment.
WHITE PAPER
Economic downturns have a tendency to accelerate emerging technologies, boost the adoption of effective solutions, and punish solutions that are not cost competitive or that are out of synch with industry trends. This IDC White Paper presents the results of an IDC survey of 330 companies in Western Europe, Asia/Pacific and the Americas that measures the receptiveness to Linux and takes into consideration changing views driven by the disruptive economic environment that businesses face today.

What People Are Saying

White Papers & Webcasts

Share our Strength
Download Now  

Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...

Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.

Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...