Slashdot Mirror

← Back to Stories (view on slashdot.org)

Is Your Banking Information Accidentally On Ebay?

Posted by timothy on from the banking-information-eh dept.

GraWil writes "The Toronto Star is reporting how two Bank of Montreal computers containing thousands, of sensitive customer files were sold to a student who fixes up machines and then resells them on eBay. It seems that the company responsible for scrubbing the disks (Rider Computer Services Ltd.) misfiled the machines in their warehouse and it was assumed they had been erased." It's not the first time this sort of thing has happened.

2 of 205 comments (clear)

  1. Even then by CaptainZapp · · Score: 5, Informative
    I worked for a bank for a few years (in a country far away, where they have numbered accounts and you're actually looking at jail time for revealing customer data) and something like this was just unheard of.

    The absolute main security issue was customer data. Not that they would have fancied embezzlement or theft but this was looked upon far less serious then compromising customer data, period.

    In the data centers (which you had to physically access in order to query real customer data, safe for the front office and also there it was very restricted what you could look at) you had to go through multiple layers of security and where not permitted to even remove a printout.

    Computers where dismanteled and disks shredded, they where never for resale. This was applicable for every last computer from every last branch and office

    Now, I agree shit happens. Probably in their case it started with outsourcing such a critical tasks to "ACMEs chep disk blanking operation" in order to save a few bucks. This is not really excusable, but it happens.

    But what really gets my blood boiling are statements like the one from that PR bimbo, which are just utter bullshit.

    Maybe she should apply for a job at Microsoft to sell "trustworthy computing".

    --
    ich bin der musikant

    mit taschenrechner in der hand

    kraftwerk

  2. use HD built in wipe by j_dot_bomb · · Score: 5, Informative

    Modern hard drives have commands "SECURITY ERASE" and "ENHANCED SECURITY ERASE". Search for those terms and hdparm on google. Also below is a link to the quality of the erasure. Note: these will erase even bad "mapped out" sectors. Enhanced erase will even go off track + and minus which erases the edges. atapwd.zip does regular erase (search).

    http://www.tomcoughlin.com/Techpapers/Secure%20E ra se%20Article%20for%20IDEMA,%20042502.pdf