A database administrator in Florida has admitted to stealing account records and selling them

A senior database administrator for a consumer reporting agency, the Fidelity National Information Services, in Florida has admitted stealing more than 8.4m account records and selling them to a data broker for $580,000 over five years.

Alan Bentley, vice president international, Lumension Security, has advised companies to take steps to protect themselves against this kind of threat: ‘Data theft is becoming more and more common across the globe and the Fidelity National Information Services case is just another example of how easy it is to remove sensitive data from an unprotected corporate network.

He added: ‘William Gary Sullivan’s potential 10 year prison sentence and $500,000 in fines will certainly act as a deterrent to other tempted employees. However, prevention is better than the cure. Most data leaks occur at the endpoint and unmanaged removable media and applications can easily open the floodgates for data to escape into the wrong hands.

“Companies need to take this threat seriously and need to combine technology with clear strategies and policies to prevent security breaches.

Alan Bentley, vice president international, Lumension Security

‘By simply managing the data flowing to and from network endpoints, and auditing the use of applications and devices, this can be avoided. Employing a ‘known-good’ state allows only authorised applications and devices on to a network, and governs the extraction of data, decreasing the threat.

‘Companies need to take this threat seriously and need to combine technology with clear strategies and policies to prevent security breaches. To do otherwise could leave consumer data at risk and put a company’s reputation on the line. The technology is out there to prevent future William Gary Sullivan’s stealing sensitive data.’