I have noticed this problem as well and I narrowed it down to two things.
1. Any 350 series card that is not using ACU 6.6 and using EAP-FAST with WPA/TKIP will cause this error
2. If you have multiple ACS servers During the time that the servers are replicating you will get this message.
I think that the reason you are getting it from one controller and not the other is the fact that you have a client trying to authenticate to an AP on that controller and no the other controller and that could be causing the problem with only one. Without knowing your configuration or what type of clients you have I cannot be sure though. These are what I have narrowed down from my experiences. By the way I still haven't stopped them completely, and it is very aggravating.
I was getting this message from all the controllers in my stack (3), concurrently. But the error only occurred at random times. All controllers are entered correctly in ACS. I upgraded to ACS 4.1.1 build 23 this morning and it seemed to clear things up. This version seems much more stable than 4.0.1 build 27. I am going to monitor it for a couple of days and see.