cancel
Showing results for 
Search instead for 
Did you mean: 

Rogue DBA Steals, Sells Personal Info

Senior Contributor

Rogue DBA Steals, Sells Personal Info

 
July 09, 2007 (Computerworld) -- Call it a case of hiring a fox to guard the henhouse.
 
Fidelity National Information Services Inc. said last week that a senior database administrator responsible for defining and enforcing data access rights at one of its subsidiaries sold the personal information of about 2.3million consumers to a data broker. The broker in turn sold a subset of the data to “a limited number” of direct marketing companies, Fidelity National said.
 
The Jacksonville, Fla.-based company, which offers data processing and outsourcing services to financial institutions and other businesses, added that the stolen data included names, addresses, birth dates, and bank account and credit card information.
 
For now, at least, it appears that the companies that bought the information have used it mainly to send marketing solicitations to the affected individuals, according to Fidelity National. “We have no reason to believe that the theft resulted in any subsequent fraudulent activity,” said Renz Nichols, president of the company’s Certegy Check Services Inc. unit.
 
The database administrator has since been fired, and Fidelity National has filed a civil complaint in a court in St. Petersburg, Fla., against him and the companies that received the stolen data, seeking its return. Fidelity National said it also is “encouraging immediate prosecution” of the DBA by law enforcement authorities.
 
The data theft came to light after a retailer that uses Certegy’s check authorization service reported a correlation between transactions and the receipt of external marketing offers by its customers. Fidelity National called in the U.S. Secret Service, which found that the data had come from a company owned by the Certegy DBA.
 
“The external attacker gets all the ink,” said Andrew Jaquith, an analyst at Yankee Group Research Inc. But, he added, companies also need to pay close attention to workers with high levels of system privileges.
Message 1 of 7
6 REPLIES
Established Member

Re: Rogue DBA Steals, Sells Personal Info

Wow that's just greatSmiley Mad... guess I need to put a fraud alert on my credit file or at worst be bothered by some darn marketing scheme. 
Message 2 of 7
Valued Contributor

Re: Rogue DBA Steals, Sells Personal Info

The DBA needs about ten years of busting big rocks into little ones--that would serve as a good deterrent to that sort of behavior.
- - - -
in a credit-scoring postnuclear Stone Age...
Message 3 of 7
Moderator Emeritus

Re: Rogue DBA Steals, Sells Personal Info

I got a notice last week that my info was in the subset, along with "assurances" that it was only used for marketing lists and that there is no evidence of any identity theft.  I couldn't get to the phone fast enough to call in fraud alerts and to mail requests for credit freezes.  Smiley Mad
-----------------
Bartender, bring another round of FICOtinis please!

9.4.2011: TU 805. EQ 815.
Message 4 of 7
New Contributor

Re: Rogue DBA Steals, Sells Personal Info



TheNewWorldMan wrote:
The DBA needs about ten years of busting big rocks into little ones--that would serve as a good deterrent to that sort of behavior.
 
That ia absolutely what they need, but instead, they will get a slap on the hand and possibly a small fine. athe fine will be a drop in a bucket compared to their assets. That only gives them the incenitive to repeat their actions.
 
Lots of sh___it would stop if the fcra would really crack down on them with some major fines, fines that would have a tremendous affect on their pocket books.
Message 5 of 7
Valued Contributor

Re: Rogue DBA Steals, Sells Personal Info

I for one am tired of "white collar crimes" being treated with kid gloves. When you embezzle millions of dollars and wreck people's lives, you should do hard time just like a common criminal who steals and robs. Justice, and the integrity of our nation's financial system, demand it.

The people who hosed Enron should have gotten life in a labor camp.
- - - -
in a credit-scoring postnuclear Stone Age...
Message 6 of 7
Established Contributor

Re: Rogue DBA Steals, Sells Personal Info


TheNewWorldMan wrote:
I for one am tired of "white collar crimes" being treated with kid gloves. When you embezzle millions of dollars and wreck people's lives, you should do hard time just like a common criminal who steals and robs. Justice, and the integrity of our nation's financial system, demand it.

The people who hosed Enron should have gotten life in a labor camp.



Agreed. The same thing applies to Charles Keating and his friends.
Message 7 of 7