Is Your Banking Information Accidentally On Ebay?
GraWil writes "The Toronto Star is reporting how two Bank of Montreal computers containing thousands of sensitive customer files were sold to a student who fixes up machines and then resells them on eBay. It seems that the company responsible for scrubbing the disks (Rider Computer Services Ltd.) misfiled the machines in their warehouse and it was assumed they had been erased." It's not the first time this sort of thing has happened.
My take (Score:3, Insightful)
Let's hear it for the unsung heroes in life.
Re:My take (Score:2)
Re:My take (Score:3, Insightful)
As to the data scrubbing company. Come on! Who the hell designed their process management at that company? You'd think, because of the sensitive nature of the data that company is responsible for destroying that they'd have a procedure in place that says "If you're not sure of a machine's status, scrub hard drives as if it just came in the door".
Re:My take (Score:3, Insightful)
> Publishing credit card information on ebay etc etc, yadda
> yadda - is just plain dumb. It's all moronic behaviour
> that's only gonna lead to trouble for the "unsung hero" -
> how is that clever? Why should that be rewarded with
> street cred and trend points?
He didn't put the credit card information on Ebay. He put two computers up for auction on Ebay, assuming their hard drives had been professionally wiped clean.
When he found out that was not the case, he could have just trie
I don't get it.. (Score:5, Insightful)
They should just get rid of it and save us all a lot of headaches while recouping some money from the second hand machine.
Re:I don't get it.. (Score:4, Interesting)
Point at the person whose job description says that they are responsible for ensuring that physical hard drives don't leave the bank's premises.
Easy, it's the IT director. Um, except that because it's physical, perhaps it's the non-IT security director. Maybe it's the branch manager. Possibly it's none of the above. Possibly it's all of them.
See the problem?
Re:I don't get it.. (Score:5, Insightful)
heck, everyone should make sure of it.
it's not like you can set the company premises on fire even if you're not the one set to the ceremonial position of "the one who does not set the premises on fire".
anyways.. they outsourced that problem to somebody who was willing to say to them(bank) that they're clean.
Re:I don't get it.. (Score:2)
Militaries are a lot more disciplined than banks.
Re:I don't get it.. (Score:2)
Precisely how it would be done. The CEO points at someone, and says "It is now your responsibility to ensure physical hard drives don't leave."
Either the IT director or the security director would be a reasonable person to whom to assign the task. Presumably there's already someone responsible for physical security of data--it should already be in someone
It's MY job! (Score:3, Interesting)
When it boils down to it, these are ancient machines (mostly P166s) and wiping a drive takes HOURS on them, and it ain't pretty work, it's dirty warehouse work and lots of heavy lifting. Nobody wants to pay profess
Re:I don't get it.. (Score:3, Interesting)
And more importantly, why does the bank trust a third party (Ecosys) with the "scrubbing", rather than doing it themselves?
My take on this is that even if the procedure had said "destroy hard drives", the actual work of removing the hard drives and destroying them would still have been subcontracted, and the same "warehouse" error might still have occurred ("is this a machine which still has its original drives, or is it one wh
Re:I don't get it.. (Score:3, Insightful)
Re:I don't get it.. (Score:3, Interesting)
1. so that person unplugs the ethernet, pops in a Linux CD, turns on the computer, boots into Linux and shreds all of the hard drives on the machine.
2. turns off the machine, and signs a line on the form that the machine has been shredded; and witnessed by the branch/dept manager. Places a sticker on the machine that states it is
Re:I don't get it.. (Score:3, Insightful)
Anyway so why don't banks do it? I think they may walk into a whole mess of employment rules. You see you need proper equipment, proper safety equipment, proper environmental protection. Banks just ain't equipped to handle this.
Re:I don't get it.. (Score:2)
Not true. If the bank cannot be bothered to do the equivalent of cat /dev/zero >/dev/hda before giving the computer away to a third party, what makes you think that they would actually screw open the computer, remove the hard drives, and put the computer together again? Remember, these are white-collar workers, who'd never g
My mattress won't talk. (Score:5, Funny)
Re:My mattress won't talk. (Score:3, Funny)
Re:My mattress won't talk. (Score:5, Interesting)
http://www.ananova.com/news/story/sm_817915.htm
Destroy, don't sell (Score:5, Insightful)
Re:Destroy, don't sell (Score:2)
Re:Destroy, don't sell (Score:2)
I know, I suggested it to the client where I was the 'wipe-disk lackey' and h
Physical shredding (Score:4, Interesting)
Environmental Hazards of Physical shredding (Score:3, Insightful)
Turning data into dust creates an environmental hazard. Therefore, it's better to send old electronics to an institution that has the tools and pr
Re:Physical shredding (Score:2)
PR Shills (Score:5, Insightful)
Don't you just love it? If protection of customer information indeed is your number one priority then why the fsck don't you have procedures in place, which make such a blunder outright impossible? And if you do have such procedures in place why don't you enforce them?
Are those PR liars (and what else could such a "chief privacy officer" making such an outrageous statement actually be?) all cranked out by the Forked Tongue Institute for Marketing & PR, or what?
Re:PR Shills (Score:3, Informative)
Even then (Score:5, Informative)
The absolute main security issue was customer data. Not that they would have fancied embezzlement or theft but this was looked upon far less seriously than compromising customer data, period.
In the data centers (which you had to physically access in order to query real customer data, save for the front office and also there it was very restricted what you could look at) you had to go through multiple layers of security and were not permitted to even remove a printout.
Computers were dismantled and disks shredded, they were never for resale. This was applicable for every last computer from every last branch and office
Now, I agree shit happens. Probably in their case it started with outsourcing such a critical task to "ACME's cheap disk blanking operation" in order to save a few bucks. This is not really excusable, but it happens.
But what really gets my blood boiling are statements like the one from that PR bimbo, which are just utter bullshit.
Maybe she should apply for a job at Microsoft to sell "trustworthy computing".
Re:PR Shills (Score:2)
Excuuuuuse me, but just because they outsourced the job to some other company does NOT excuse the bank from their responsibility. If the customer data is with the bank, it (destruction) is the bank's responsibility, irrespective of how they go about doing it (i.e. by outsourcing it or doing it inhouse).
Re:PR Shills (Score:2)
Sending the systems to someone else before they are cleaned up is not the act of a company whose first priority is privacy. It is the act of a company whose first priority is saving a few pennies.
So the bank failed to do their job, and then the people they paid to do the job for them failed.
heh outsourcing.. (Score:2)
Which is yet another reason why I think this outsourcing thing is overrated.
Outsourcing is just an excuse for management to sack people, temporarily cut costs, blame the resulting crappy service on "transitionary period", use the savings to pay themselves big bonuses, complete contract, leave to slash and burn another company.
Re:PR Shills (Score:4, Insightful)
Re:PR Shills (Score:2)
1) It's not important to the company.
2) The company is in the wrong business.
No matter what they _say_ or even think their priorities are.
Re:PR Shills (Score:2)
Canadian companies larger than about 20 or 30 people are required by law to have a privacy officer. Thus calling the title PR-driven is at least somewhat mistaken.
-Rob
Encrypted HDs (Score:5, Interesting)
As a purchaser/fixer/collector of old computers, I have seen many a file that some prior owner would probably have preferred I not. Although I, personally, have seen nothing of a criminal nature (or of a nature that would allow me to perpetrate a crime) I know others who have found strange files on old computers. Psychotic diary entries that advocated violence, financial records, proprietary engineering data, etc. all have an odd way of being left on HDs of obsolete machines. If an old machine stops working, few people make the effort to fix it in order to erase data. Systems that automatically make the data inaccessible in all but valid/authorized machine states would ensure the protection of the data.
Although any encryption system can be broken, by social engineering at the very least, it would be better if there were at least some barriers between sensitive data and potentially prying eyes.
Re:Encrypted HDs (Score:2, Interesting)
Re:Encrypted HDs (Score:3, Informative)
Most 2.5" HDDs plus 3.5" IBM Deskstars (and perhaps others) support ATAPI passwords. The password is written to the platter, and if it's there, the only thing the controller will respond to is the password. You can't talk to it at all in a system that doesn't know about ATAPI passwords. The only solution (that I know of) is to use a custom controller to access the platter, which is beyond the means of casual or even semi-pro Bad Men.
See this previous Ask Slashdot [slashdot.org] for more.
Re:Encrypted HDs (Score:5, Interesting)
This is the only way to be sure, it's not worth paying 100 Bucks (just a guess) for a disk with encryption only to get 10 Bucks a disk on resale!
James
Re:Encrypted HDs (Score:2)
Hospital Records Anybody (Score:2, Interesting)
Re:Encrypted HDs (Score:2)
support/maintenance will become nightmarish very quickly. even if you can get hardware encryption on, say, a RAID array it won't be easy to look after. likewise, people WILL lose their keys. also, you're assuming that encrypted hard disks exist that don't have
Re:Encrypted HDs (Score:2)
And don't you think that if the hard disk manufacturers have gotten onboard the conspiracy bandwagon, the banks were already there to greet them?
Really. If the Three-Letter-Agencies are anywhere near as malicious as the conspiracy people suggest them to be, they have a little thing called priorities, and already have things very well in hand.
Not that I really believe any of that crap. I
Re:Encrypted HDs (Score:2)
I know Slashdot is somewhat biased, but is it really fair to say that someone who advocates proprietary engineering data is PSYCHOTIC?
Re:Encrypted HDs (Score:4, Interesting)
I agree. Most folks really have no idea about computer security, but this does not mean we should take advantage of them (I don't think the parent was implying this though). Personally, I don't snoop around in anyone's files / homedirs, or sniff any traffic, even though as an admin I am perfectly capable of doing so. Heck, when someone is entering a password in my presence, I turn my head. It's just polite.
At the risk of going overboard here, I'd like to share a little story. I was running a Jabber server some time ago, and jabberd 1.4.x normally saves passwords in plaintext. For some reason I needed to log in as a particular user (I can't remember if it was for a test or what), but I refused to learn the person's password. To solve this, I wrote a program to extract the password from the jabberd database, and hide it in some grid of 30x30 random chars or so (kinda like those wordsearch puzzles). The password was in a horizontal direction starting at some random coordinate, and the program would tell me the coordinate as well as length of the password. Then I pasted this chunk into a text editor, and blindly pressed the Down and Right arrow keys a number of times to match the coordinates, held Shift and pressed the Right arrow key 'length' times, and hit Ctrl-C. I then closed the text editor and pasted the text into the application that I needed it for (which obscured the text as asterisks in the input field). Phew!
Polite?!? (Score:2)
check your AUPs. you do have AUPs, yes?
Sysadmin, not a coder... (Score:3)
Would have been much easier to just have the program copy the password into the clipboard so you could paste it
Re:Encrypted HDs (Score:2)
Imagine if you just asked the user, and then offered them a tool to change their password after you were done.
I sniff traffic all the time, and I look around at files all the time - it's my job. I do avoid mail spools, except for when users need viruses cleared out (because their braindead anti-virus program aborts the POP3 connection upon reaching a virus), but that's it. I'd just end up frustrating the entire userbase if I refused to help.
Ethical and Legal Dilemmas (Score:3, Insightful)
The hardest case that I heard was a used computer buyer that ran across some very disturbed writing
A good solid brick.. (Score:5, Funny)
Re:A good solid brick.. (Score:3, Funny)
"A second British spy has lost a laptop [theregister.co.uk] brimming with state secrets after getting "blind drunk" in a London bar."
Re:A good solid thick head.. (Score:2)
A few notes (Score:4, Interesting)
That happened to me 2 years back. A Maxtor HDD went bad. Sent it back to Maxtor, got another one. The replacement turned out to be bad too.
Had to send that one back and got the 3rd HDD.
There was a lot of data on the 1st HDD I sent back to Maxtor.
I checked the Maxtor website for any statements as to what they do with their data but couldn't find anything.
Many people (unless they have 2 computers and know how to deal with IDE pins) will just send the disk to their manufacturers, whether it contains data or not. Scrubbing a disk clean with bad sectors requires you to isolate the bad sectors by partitioning.
Re:A few notes (Score:3, Interesting)
1. Use a strong magnetic field and zap the data [hence zapping the data but still able to return to the maker for replacement]
or
2. Disassemble the drive and use the platters as coasters.
Other people use a slightly more brutish technique and drill a hole directly through the unit, but to be honest, without an erase the data still might be recovered. Why anyone would bother is beyond me, but it's possible.
---
Re:A few notes (Score:2)
Re:A few notes (Score:2)
Indeed, there is no "overwrite all readable blocks and spare the unreadable blocks" program, is there? "dd" would only need minor modifications to do that.
The 'dd' option 'conv=noerror' might do it, although the man page suggests that it is used to skip over read errors, I suspect it will also ignore write errors.
not much of a worry.... (Score:5, Insightful)
I know that the caches and things MAY hold some sensitive data but it's highly unlikely.
Unless the person that used that PC in the bank was also an incompetent boob and say saved a spreadsheet of 200 credit card numbers and information in the local drive (why the hell are you making an insecure document like that?) it's only a mild security breach.
It shakes the confidence of the customers more than anything else.
Re:not much of a worry.... (Score:3, Informative)
kinda sounds like servers to me, IT fucked up by allowing them out the door un-shredded whether it was policy or not.
Re:not much of a worry.... (Score:2)
copy them to local drive, edit, copy back.
this reduces load on the frame-relays at the remote office.
Re:not much of a worry.... (Score:3, Informative)
If it was servers, then the IT department, computer wiping service
Re:not much of a worry.... (Score:2)
I can't help but wonder. (Score:4, Funny)
Wow I wish I was as efficient as him...
Re: (Score:2)
My Passwords (Score:4, Funny)
What, you guys don't use your social security and bank account numbers as passwords?
Well. (Score:2, Interesting)
If it was law, rather than just good practice, maybe we'd feel a lot safer.
Finger-pointing as a profession (Score:5, Interesting)
I find it appalling that the 'computer security team' sent to this guy's house were told to 'seize' the drives when clearly he was doing them a favour. Though they thanked him later and gave him replacement (presumably blank) drives, fuckups like these should have proper ramifications. Along the lines of dismissals.
Figures it was the Bank of Montreal. Those idiots can't do anything right, from paying their then-CEO too much [222youth.com] to stupid online banking [mbanx.com] to hypocritical ad campaigns in 1996 [uwaterloo.ca]. Losers!
In Googling I came across this [inkindcanada.ca], which lists voluntary sector computing activities in Canada supported by the banks. Just think what interesting fundraising activities could have been made possible by this kind of donation...
A good rule of thumb... (Score:2)
Paying their CEO Too Much (Score:2)
Is your banking information accidentally on ebay (Score:4, Funny)
Pretty common (Score:2)
drive erasure (Score:5, Interesting)
Overwriting the drive using software is more verifiable. You de-network the machine, boot it up from a CD, and can analyse the drive contents before starting a wipe cycle. You switch off and back on to prove there is no cheating. Then you can analyse the drive contents again and be sure they are different. The drive never left the machine, but you can be sure the data left the drive.
Whatever anyone may say, remember these "secure disposal companies" are after your money and don't mind playing on your most groundless fears to get hold of it
dd if=/dev/audio of=/dev/hda might conceivably do a good job on a used drive, if you make sure the gain is turned up nice and high and there is nothing plugged into the sound card. Filtered static and power hum are the nearest you're going to get to true randomness.
My drives are invariably thrashed for as long as they work, then get the magnets removed for use in experiments {and wiped a few times across the platters for good measure}.
Re:drive erasure : WRONG (Score:3, Interesting)
a) you have silent disk errors (because error-correcting codes corrected them) that will copy sector data to a reserve sector without notice, which makes your old data inaccessible at software level but readable at controller level
b) you can use high resolution magnetic imagery to recover several rewrites of the same track
c) in my books, a hum is very far from random, it's predictable !!!
Physical destruction is the only reasonably secure solution.
Re:drive erasure : WRONG (Score:2)
1. Overwrite with zeros
2. Overwrite with random zero/one
3. 5 passes of random overwrite.
Then they were sent to leading data recovery firms. They couldn't even rescue data from the first disk.
Re:drive erasure : WRONG (Score:2)
I recommend sanitization by melting HDDs into a molten puddle of metal with a blowtorch or some other high temperature (if you're in Hawaii chuck HDD into lava - but make sure it ends up in the lava, and you don't get charcoaled
Sure simple overwriting may not be recoverable with a budget of up to USD10K. Or maybe even USD100K. But once you hit millions or more, they might pay a bunch of very smart people t
Re:drive erasure (Score:2, Funny)
Re:drive erasure (Score:2)
If a company is THAT paranoid about security, they will send an agent to accompany the sensitive drives to the oven/grenade/mineshaft facility and confirm that they are not mirrored or swapped out for other drives
Interview with BMO Representative (Score:2, Informative)
Real easy to fix (Score:2, Interesting)
Copyright? (Score:5, Insightful)
Shouldn't customers' private information have at least as much rights as some stupid Britney Spears song?
Re:Copyright? (Score:2)
Re:Copyright? (Score:2)
umm... do you mean $2K? That's what the link you supplied seems to say.
use HD built in wipe (Score:5, Informative)
http://www.tomcoughlin.com/Techpapers/Secure%20
Re:use HD built in wipe (Score:2)
These are commands that the average user of a $100 ATA hard drive will never execute.
How likely do you think it is that some HD manufacturers omit support for these commands from their disk controllers as a cost-saving measure?
ebay (Score:2, Funny)
I hope he got back his ebay listing fees.
Re:ebay (Score:2)
Which is why outsourcing important/core stuff doesn't work. It usually takes time to see how trustworthy someone is. You get them to do a little job for you. Slowly give them bigger and bigger jobs.
If a company outsources something it either means that:
1) It's not important to the company.
2) The company is in the wrong business.
A Mafia Don doesn't let
The bank thanked Ellis... (Score:4, Insightful)
Happens all the time (Score:5, Interesting)
I was consulting at a community bank last spring, helping them get ready for an IT audit by the FDIC. They were replacing some machines, and I persuaded them to donate the old ones to a local computer group who refurbishes them and places them in schools and non-profits. I could see that their IT policy manual contained nothing about even wiping drives let alone destroying them.
As soon as I got them to my office, I invited the CEO in to see how much customer info his IT department had "donated." He was, of course, shocked. The sad thing is, probably 30 people were involved in that transfer and not one of them had the slightest clue. Another sad thing is that the donation fiasco was just one of hundreds of examples of failure to adequately protect the privacy of customer information.
The good news is that the FDIC is taking customer data security very seriously and is coming down hard on breaches and potential problems during their IT audits and their Safety and Soundness audits. So maybe it will get better. Except we are talking about humans...
Govt says every biz needs privacy policy (Score:2)
I recently got some GST mail saying that every business in Canada needs to come up with a privacy policy. It said (something like): Privacy, its good for business.
I think kudos are in order. (Score:2, Interesting)
Just my humble opinion,
SirLantos
Security Check (Score:5, Insightful)
This begs the question, what sort of background checks are performed on the technicians fixing the computers? And what sort of computer security experience do they have?
I would at least expect a "student" not be employed in this type of position. Give it only to a qualified full-time employee w/ good compensation and benefits - that in itself should be a deterrent.
Classic security holes! (Score:2)
When I worked at the Pentagon (Score:3, Interesting)
They now require the disks to be physically shredded, but I think we came pretty damn close.
Clearly EBAY must be sued! (Score:2)
You think I'm
We Drill 'Em!! (Score:3, Informative)
Well.... (Score:3, Interesting)
It just boggled my mind that someone could be so stupid as to leave that kind of thing on their computer when they sold it.
It's not the reseller's fault (Score:4, Insightful)
Why? Well, if you hire an accountant and don't double check his work, it's your arse. Why should it be any different with a corporation's responsibility when it comes to guarding customer data?
Personally, I would like to see more laws guarding US. Not slapstick anti-terrorism laws directed at destroying personal privacy, but real laws that protect real people. As we are the source of America's economic might. At the point where citizens don't have money to throw at giants, then the giants won't exist anymore. At least, not inside our borders.
Reminds me of buying secondhand business computers (Score:3, Interesting)
Re:They should have used Norton Wipeinfo (Score:2, Informative)
Re:Thanks for the link, (Score:2)
You mean tested by the completely neutral company that has sole access to the source and is selling the software?
Re:They should have used Norton Wipeinfo (Score:5, Informative)
a damn [bu.edu]
shame [kyuzz.org].
Re:They should have used Norton Wipeinfo (Score:4, Informative)
You don't have to pay for Norton Wipeinfo if you're on Windows.
I'm told that both Scrub [webattack.com] and Eraser [heidi.ie] are pretty good - although I haven't used them.
Both of which are free (in the "don't have to pay any money" sense)
Some free wipe tools, was: Re: Norton Wipeinfo (Score:5, Informative)
It's a shame that there isn't a Linux program that does something similar.
Others have mentioned specific utilities, but with almost any bootable CDROM Linux variant you can wipe a disk pretty thoroughly as follows. This is for when you're retiring a system and want to overwrite the entire disk, not scrubbing free space on a live system:
This will write pseudo-random data over the hard drive 10 times. To make it happen more times, change '10' to 'N' where N is larger than 10 in the 'seq' command. To use true random data rather than pseudo-random, use /dev/random, but realize it may hang waiting to gain more entropy and, for this use, I'm not sure there is any real advantage in true randomness.
You can also use 'dd' on a live system, writing to a file instead of a partition, and fill up free space on that partition (then delete the file!). This will overwrite data from deleted files, but will not get slack space, which is the particular advantage of using the 'wipe' tool that someone else mentioned. Also, remember only root can fill the filesystem; everyone else gets cut off with some small % free.
Windows users should also realize that with Windows 2000 (um, SP3 I think) and above the EFS tool 'cipher' will allow you to wipe unused disk space, so that you can proactively make sure that deleted files aren't hanging around on disk. This is useful if you want to make sure old files don't accumulate on the hard drive of a working system, especially physically insecure laptops etc. etc. It presumes the NTFS file system, of course.
will overwrite the free space on the C: partition with 0s, then 1s, then random data. I'm not sure if it gets slack space.
Of course, a very slim possibility remains that sophisticated and expensive physical analysis will still recover data from disks wiped in this manner. Unless you've seriously honked off the NSA, however, these should provide sufficient protection for most uses.
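
The overwrite-and-verify procedure discussed in the comments above (several passes of pseudo-random data written with dd, then a comparison of the contents before and after), as an added example that is not part of the thread and is not any poster's own command. The function names, the marker string and the 1 MiB image are assumptions made for the demonstration; it runs against a constructed image file, not a real disk.

```shell
#!/bin/sh
# Added example (not from the thread): overwrite a target N times with
# pseudo-random data, then verify the result. All names are hypothetical.

# make_sample_image FILE: build a 1 MiB stand-in for a disk, holding two
# constructed "customer records" at arbitrary offsets.
make_sample_image() {
    dd if=/dev/zero of="$1" bs=1024 count=1024 2>/dev/null
    printf 'CONSTRUCTED-ACCT-0001 balance=100.00\n' |
        dd of="$1" bs=1 seek=4096 conv=notrunc 2>/dev/null
    printf 'CONSTRUCTED-ACCT-0002 balance=250.00\n' |
        dd of="$1" bs=1 seek=700000 conv=notrunc 2>/dev/null
}

# count_marker TARGET MARKER: how many times MARKER occurs in TARGET.
# -a treats binary data as text, -o emits one line per occurrence.
count_marker() {
    LC_ALL=C grep -a -o -F -- "$2" "$1" | wc -l | tr -d ' '
}

# wipe_target TARGET PASSES: overwrite TARGET in place, PASSES times.
# wc -c is fine for an image file; for a real block device the size
# would have to be taken from the device itself.
wipe_target() {
    wt_size=$(($(wc -c < "$1")))
    for wt_pass in $(seq 1 "$2"); do
        # Exactly wt_size bytes of pseudo-random data per pass.
        # conv=notrunc keeps a regular file at its original length.
        head -c "$wt_size" /dev/urandom |
            dd of="$1" bs=65536 conv=notrunc 2>/dev/null || return 1
        sync    # flush this pass before starting the next one
    done
}

# wipe_and_verify TARGET PASSES MARKER: wipe, then check three things:
# the marker is gone, the size is unchanged, the checksum has changed.
# Returns 0 only if all three hold, 2 if the wipe itself failed.
wipe_and_verify() {
    wv_before=$(count_marker "$1" "$3")
    wv_size=$(($(wc -c < "$1")))
    wv_sum=$(cksum < "$1")
    wipe_target "$1" "$2" || return 2
    wv_after=$(count_marker "$1" "$3")
    echo "marker hits before=$wv_before after=$wv_after"
    [ "$wv_after" -eq 0 ] || return 1
    [ "$(($(wc -c < "$1")))" -eq "$wv_size" ] || return 1
    [ "$(cksum < "$1")" != "$wv_sum" ] || return 1
}

# Demonstration on a temporary image: ten passes, as in the comment above.
demo() {
    demo_img=$(mktemp) || return 1
    make_sample_image "$demo_img"
    wipe_and_verify "$demo_img" 10 'CONSTRUCTED-ACCT'
    demo_rc=$?
    rm -f "$demo_img"
    return "$demo_rc"
}
demo
```

As the "drive erasure : WRONG" reply points out, an overwrite issued through the operating system cannot reach sectors the drive has already remapped, so this check covers only what is addressable from software.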