LARGE DATA BREACH TURNS INTO MYSTERIOUS BIGGER CONTROVERSY

Certegy Check Services Inc., St. Petersburg, FL, a subsidiary of Certegy, Inc., Alpharetta, GA, had 2.3 million consumer records including credit card and bank account numbers, plus other personal information, stolen by an employee identified as William G. Sullivan. He was fired, but during his tenure at Certegy, Sullivan had set up his own company, through which he sold the 2.3 million records to data broker Jam Marketing, located in the United Kingdom, who in turn sold it to several unidentified junk mail companies. Fidelity National Information Services, a financial processing company, is the parent of Certegy, Inc., and is a provider of solutions supporting financial services companies throughout the world. (See stories Assoc. Press and Digital Transactions) But the intrigue heightens when I discovered that Certegy Check Services was formerly known as Equifax Check Solutions. Equifax is one of the big six data brokers, and is also one of the big three credit bureaus. ChoicePoint is a spin-off from Equifax, headquartered in Alpharetta, GA, as is Certegy Inc. This incestuous looking arrangement has nothing to do with what happened to the 2.3 million records, at least as far as I know, but it points out my long running conclusion that your sensitive data is in a constant state of flux between a huge confederacy of data brokers and junk mail companies. It’s been reported the personal information wasn’t sold by Sullivan, only names and addresses. This story is unfolding as this is written, and the most important facts are yet to be revealed: who were the junk mail companies buying the stolen data (both the data broker and the junk mail companies say they didn’t know it was stolen). I’ll have the latest on this incident in my next post, along with some observations on this series of suspicious transactions.