See your link here
Clean your HD's BEFORE the auction
- TAGS:American Express, banking customers, eBay, hard drive, sensitive data
- IT TOPICS:Security
Andrew Chapman bought what appears to be a NAS device on eBay for about £37 (about $66). Nice catch. But when he found data on over one million bank customers, he figured out that he got a little more than he bargained for.
Mr. Chapman bought what appears to be a SNAP! NAS server (going by the picture in the article) for a song. But when he fired it up and started looking around, he found the IDs for over one million customers of American Express, NatWest and Royal Bank of Scotland. The data "includes names, addresses, mobile phone numbers, bank account numbers, sort codes, credit card numbers, mothers' maiden names and even signatures." According to the article, a former employee sold the NAS device on eBay, and he obviously sold it without erasing the hard drive.
One question is what was he doing with the server in the first place? Shouldn't that be criminal right there? Of course, he might have bought it or had it given to him after it depreciated and was taken off the books. But to then sell it on eBay without erasing the data is inexcusable.
One good thing that comes from this is that an honest man was found. That helps restore my faith in humanity a bit. Mr. Chapman, I salute you.
Reply
Print
Email this
Digg this
