Calum Macleod, European Director for Cyber-Ark, a company specialising in protecting sensitive data for companies and their customers, has expressed his concern at another major breach, where 2.3 million customer records have been stolen from a subsidiary of Financial National Information Services (FNIS), the Florida-based financial processing company.
According to US newswire reports, an employee of one of FNIS' subsidiaries stole around 2.3 million customer records, 99,000 of
which included credit card details of the customer concerned.
"My understanding is that information was stolen from Certegy Check Services, an FNIS subsidiary, and then sold to a number of direct marketing companies," said Macleod, who added that customers had then received marketing material from the firms concerned.
"I'm sure the marketing companies acquired this information in good faith, but the onus should have been on FNIS and its subsidiary to protect the integrity of customer data," he went on to say.
"That protection should have centred on using a protected and encrypted digital safe for the data concerned, to which only senior
managers had complete access. Access for specific employees could then be limited to only that information they needed, and certainly not the whole 2.3 million customer records," he said.
"The only good news is that FNIS and Certegy have moved swiftly to counter any further damage to their reputations, as well as notifying all the customers affected. I hope the customers get the apology and ID theft prevention support they need," he added.