A senior database administrator for a consumer reporting agency in Florida has admitted stealing more than 8.4 million account records and selling them to a data broker. He netted $580,000 over five years from the scheme.
William Gary Sullivan, a DBA for Fidelity National Information Services, faces up to 10 years in federal prison and $500,000 in fines, although prosecutors agreed to recommend a more lenient sentence in exchange for his guilty plea. He's also required to surrender all remaining proceeds and pay restitution to his victims.
Working for a subsidiary called Certegy Check Services, Sullivan used his access to Fidelity's database to pilfer records that included individuals' names, addresses and financial account information, according to court documents. To cover his tracks, he incorporated a business called S&S Computer Services, which sold the data to an un-indicted accomplice. According to authorities, this unidentified person resold the information to direct marketers, including one called Strategia Marketing, which also went by the name Suntasia.
The scheme came to light in July, when Fidelity disclosed that an employee absconded with 2.3 million records. Fidelity was alerted to the theft by a retail customer, who noticed a "correlation between a small number of check transactions and the receipt by the retailer's customers of direct telephone solicitations and mailed marketing materials".
Fidelity later raised the estimate to 8.5 million records. The company is unaware of any identity theft or fraudulent financial activity resulting from the theft. Rather, it believes the stolen records were used for marketing purposes. ®