A hoard of definitive information has been discovered in computers sold at Craigslist.
Privacy Fly president Travis Doering found out that thousands of confidential information of Canadian customers are stored in the server gear that was auctioned off. The data was also confined to hard drives previously maintained by Netlink Computer Inc. with the brand name of NCIX, a computer retailer based in Vancouver.
Last December, the company was in a Chapter 11 state and liquidated its assets through the Able Auctions. The auction company thought that all information had been deleted, but it wasn’t. Apparently, the NCIX data breach was put in jeopardy from its customers who worked for more than a decade with the dissolved computer retailer.
Doering shed some light on the report through a blog post. He revealed a peculiar promotion on Craigslist while seeking for some second-hand computers when he stumbled upon the servers and hard wares from NCIX. He recognized that Able has three different servers from the no longer existing company.
As a security researcher, he wanted to find out more and decided to meet the seller named “Jeff” while covering up as a possible buyer for the servers. He was astonished to find out that the servers contain stockpiles of both customers and employees data such as financial, professional, and personal information.
There were addresses, phone numbers, credit card information, Card Verification Value (CVV) and expiration dates. Additionally, Doering noticed of the employees’ personal income tax information like T4 statements.
He was able to come face to face with “Jeff” and got some answers on how Able got hold of the servers. NCIX deserted them in a warehouse they previously rented.
Doering said, “Jeff confided in me that NCIX had been renting a portion of a warehouse in Richmond where all the hardware is currently located. He explained that the owner of the hardware is currently NCIX’s previous landlord, as NCIX had abandoned the hardware when they failed to pay a past due rent total of $150,000.”
He continued saying that the particular person at one time helped the property owner in disposing half a thousand of NCIX’s desktop computers aside from some enterprise hardware through Able Auctions in April.
Doering’s discovery of the potential massive data breach prompts the Royal Canadian Mounted Police (RCMP) together with the Information and Privacy Commissioner of British Columbia to delve into the claims of a feasible data breach. The case was initiated on Thursday with the authorities getting hold of the servers which contained an enormous volume pertinent information.
It puzzled computer proficients why such confidential information might not have been encrypted or concealed. According to the technical specialist Graham Williams, they have not fathomed the capacity of information and expanse of unencrypted data.
Securing personal data is the least thing that a business can do for its customers aside from providing them with excellent customer service. Customers, in turn, should also do their part by not providing some of their personal information if not necessary at all. Issues of data breaches have been circulating the globe and consumers must be wary of their data being compromised especially when they visit social media platforms or do online transactions.