Online forum claims Certegy breach led to ID theft

Share this article:

The former Certegy employee who sold millions of customer records to direct marketers may also have set off a string of identity theft attacks, contrary to reports from the check verification company, according to a group of online posters.

Since the breach was announced in early July, St. Petersburg, Fla.-based Certegy has been steadfast in its claim that none of the 8.5 million records illegally sold to direct marketing firms have been used fraudulently.

But a number of posters in a Bed, Bath and Beyond online forum accuse Certegy of not being honest. According to the forum, a class-action lawsuit against the company is taking shape over the breach.

"I just found out a few days ago that my husband and I are now the victims of identity theft," an Oklahoma woman using the alias "Class Action Suit Ready" wrote last week on the bulletin board. "As he called his credit card company to prove his innocence, I realized it was only a few days after the notification letter [from Certegy] that all of the fraudulent checks were written on his account. That is not a coincidence. I’ve never had any identity theft issues until a few days after I received that letter from Certegy."

Another unnamed poster who received the notification letter more than two weeks ago said his credit card was denied last weekend at a grocery store, even though he believed he had more than $2,000 in his account.

Representatives from Lieff Cabraser, the San Francisco-based law firm taking the case, according to the forum, did not return a telephone call seeking comment.

A representative from Fidelity could not immediately be reached for comment.

Meanwhile, Certegy earlier this month filed a civil lawsuit against the former employee who sold the records, William Sullivan. He worked as a senior database administrator, giving him privileged access to the data. Certegy also has requested the marketing firms be barred from further using any of the data Sullivan sold to them.

In a filing last week with the U.S. Securities and Exchange Commission, Certegy parent Fidelity National Information Services reported the extent of the breach is much higher than originally reported. Initial estimates placed it at 2.3 million stolen records.

Meanwhile, Florida Attorney General Bill McCollum has warned victims to be on the lookout for identity theft.

But Certegy officials maintain there is no known risk of fraud.

"While the company’s investigation into this incident continues, we have seen no evidence that your information has been used for anything other than marketing purposes," according to a FAQ document to victims.

Click here to email reporter Dan Kaplan.

 

Share this article:

Sign up to our newsletters

More in News

Report: UK police push for required mobile phone PWs

The Metropolitan Police have reportedly lobbied for two years to enact the standard.

JPMorgan Chase customers targeted in massive phishing campaign

JPMorgan Chase customers targeted in massive phishing campaign

Roughly 500,000 emails have been sent out so far as part of a massive multifaceted phishing campaign targeting customers of JPMorgan Chase.

Study: Organizations lack training, budget to thwart insider threats

Study: Organizations lack training, budget to thwart insider ...

Of the 355 IT and security professionals surveyed, a majority indicated that they were ill-equipped to thwart a possible insider threat.