Under a plea bargain, William Sullivan pleaded guilty to the theft from Fidelity's Certegy unit. Sullivan had been a senior database administrator, responsible for enforcing data access rights at Certegy. To avoid detection, he allegedly stole the data physically between 2002 and 2007 rather than downloading it or using other traceable electronic means.

The stolen data - including names, addresses, and bank account, debit and credit card details - was sold for business cheques totalling more than $580,000 to an unidentified accomplice who then sold the data on. Sullivan faces a maximum of 10 years in prison and a $500,000 fine.

In August, a class-action lawsuit was filed against Fidelity by San Francisco law firm Girard Gibbs. The lawsuit, on behalf of the customers whose data was stolen, alleges Certegy and Fidelity failed to implement and maintain adequate security practices, exposing their customers to identity theft.

Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.

To access these options, along with all other subscription benefits, please contact info@risk.net or view our subscription options here: http://subscriptions.risk.net/subscribe

You are currently unable to copy this content. Please contact info@risk.net to find out more.

You need to sign in to use this feature. If you don’t have a Risk.net account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here