Friday, July 13, 2007

Thousands Learn: Their Personal Data Has Been Stolen

I came home from work two days ago and had a letter from this company called Certegy. (I had never heard of them before) I opened it, assuming it was your ordinary "junk" mail, that is until I saw my personal information on the top of the letter. The letter contained my full name, address, phone number, Social Security Number, & my Bank account numbers. So, I preceeded to read the two page letter. It was a letter sent to me to tell me that an employee of theirs had stolen ALL of my personal info!!! It stated that he had bank account numbers & everything!! It also stated that the employee was fired!! A lot of good that does me ~ he has all my info!!!!

The emails are rolling in now. This is how it works: John Doe gets a letter from Certegy telling him that all of his personal information has been stolen. But don't worry, the letter says, we fired the guy. Poor John has never even heard of Certegy. "Why would they even have my information in the first place?" he wonders.

Odds are you found this site because you recently got just such a letter. In brief, Certegy is a financial company that has a file on you if you've ever written a check to any of these retailers, or gotten cash at a casino. It doesn't matter if it was last week or fifteen years ago - they've got your info. They "verify" check transactions. By "verify," I don't mean they make sure the account has enough money to cover the check. No, that would be too easy. Rather, they use "algorithms" to "determine the risk level" of a given check, and can accept or deny your check based on them. Unfortunately for you and me, no one really knows just what criteria are used to make these determinations. It seems clear that those criteria are faulty, given how many decent responsible people have had checks denied. It's almost as if Certegy's system is simply a random one - they deny just because they feel like it.

Certegy has come up with some "helpful suggestions" for those who have had their data stolen. (Check them out but know that, breaking common web protocol, they're all in unmarked PDF files. Morons.) I'm sure you're thrilled to know that they've filed a civil complaint against the employee that did this. I'll bet a happy little smile will play across your face while you're on hold with your bank's manager, as you think of that naughty high-level executive sitting nervously in his multi-million dollar mansion awaiting a sentence which will probably later be reduced by an equally high-level Republican judge.

My favorite gem from Certegy's Q&A is this one: "Certegy has implemented a fraud watch on its internal systems for those checking accounts that are implicated." Jesus H. Christ. If you've never had dealings with this company before, you should know that their "fraud watch" methods are ALREADY a well-known joke. A common example is the person who tries to write more than one check to the same store within a week's time. The second check gets denied because Certegy thinks it "might be fraud." That's about the extent of their "fraud watch."

Anyway, thus far I myself have not yet gotten the dreaded letter. People have been writing asking for help and advice. Here are my thoughts on what people should do as a next step.

1. If it were me, I'd close my accounts and set up new ones. That is a very time-consuming and irritating prospect, but it's the best way to protect yourself. BUT - when you do this, log each and every minute it takes. Also, record ALL fees or expenses involved. If you have to drive ten miles and back to your bank to switch accounts, write down how much gas you used and calculate its cost. Using whatever your hourly rate is for your day job, figure out how many dollars worth of time you lose doing these tasks.

The idea here is that you are drawing up a bill for Certegy. They are responsible for this, and you have a right to demand compensation for their carelessness. So send them this detailed bill and let them know you will not tolerate this kind of error.

Remember that you never authorized Certegy to have an "account" or file on you in the first place. Did you sign a paper saying they could retain that data? Nope. Did they give you a disclaimer or information on how the data will be used? Nope. They are NOT a credit bureau and they have no business keeping records as if they were!

2. Certegy is encouraging customers to "check their free annual credit report." No. What if you checked it two months ago? You're supposed to wait until May of next year to check again? Or PAY to see it now? Ohhhhh no. Certegy needs to pay for that as well. Call them and demand it.

3. Boycott retailers who use Certegy. Or at least, some of them. And let them know exactly why.

4. Use the links to the left to report Certegy's practices to the proper authorities. File a complaint. You have a voice - USE it. I'm just one chick sitting at a computer calling it like I see it. I can't do this alone. But WE can create change if we raise our voices as one.


Anonymous said...

Certegy was not careless or negligent. You are going to have a very hard time proving that. They are the ones who called the Secret Service to investigate. According to most experts, Certegy did everything it could to prevent this. Plus, people paying with checks are giving their personal information to retailers. The retailers are taking "their" payments and asking Certegy to insure they are valid. If you don't want your information going to Certegy, use cash or a credit card. Otherwise, you are asking for trouble. The clerk, the store manager, the store's accounting department, the teller at the bank they use and the operations workers at the retailer's bank and your bank all have access to your check and your personal information in addition to Certegy. Why would you open yourself up to identity theft like that?

Anonymous said...

Whoever posted this rebuttal sounds like they work for Certegy or one of their sister companies. This is an effort to discourage legal action against a very sloppily-run NYSE: FIS company.

Anonymous said...

You just don't get it do you? If I worked for Certegy, I would not ask people to stop using checks. That would put Certegy out of business.

You sound like your check was declined by Certegy. Is that why you are so angry? A lawsuit is not the answer to everything. Especially a trivial lawsuit you will never, ever win. Why give people false hope that a lawsuit would change anything, even if by some miracle you did win?

The bottom line is checks are going away and the sooner you stop using them, the safer your identity will be. If you don't like Certegy, stop creating a need for their services.

Anonymous said...

Yeah, I work for Certegy, stop writing checks!
Anon #2 sounds like a moron.

Anonymous said...

Yeah I was a victim. I am going to court over this! If you want to join me email me: I am besides myself over this!

Gloria Jones said...

Yeah, I am likely taking this to court as well, I don't care that the mistake happen. I care that my information was being held without my knowledge. It disgusts me the way it is down-played because as far as they are aware, "the info has only been distributed to a limited number of marketing organizations". Excuse me, but it is my right to decide where my personal information goes.

Lawsuits are not always appropriate, but personal information theft is a huge deal. Plus, this corporation has apparently been making money off of my spending habits (without my knowledge mind you). I believe it is my right to receive it all back and then some for their negligence.

Gloria Jones

Anonymous said...

Gloria, you might be able to decide, but you might have to opt out. I think your best bet is legislation giving people the option to optout of their personal information being held. Many will say opt-in, but you know not just Certegy but every company would fight that. What would all the credit bureaus do?

Anonymous said...

ok. i didn't use a check, I made a debit card withdrawal, so the "don't use checks" bit doesn't apply. Also, according to Certegy, "no account information has been used for fraudulent financial activity." That's not true. I returend from a vacation to find my account overdrawn $1,400...charges originated in France...while I was in Nevada. And yet, Certegy, as late as July 24 in an 8-K SEC filing (for Fidelity National Information Systems)claims that no such fraudulent financial transactions have taken place. So, this company that keeps such vigilant track of all of our customer information doesn't know that peole (there are many others) have been victims of fraud, but the consumers know?! I've seen posts as far back as MAY about people losing money on this thing...and yet, Certegy has no idea.

Anonymous said...

Fuck Certegy!!!!! Spineless cowards!!! I come back from overseas after 6 months and I couldn't cash a 200.00 check at the truck stop!?!? 120,000.00 in account! Y'all ain't any kind of business!!! That's a joke so if I was a stranger moving in y'all house I bet y'all would find out about me first but y'all dumb ass company can't use technology to give us a true statement we paying y'all for this problem can't say it's a service!