EBAY Sale: Personal Data of Over a Million Bank Customers

An employee swipes an old system from his company and sells it for crack money on EBAY. On the old system is unencrypted information on credit card transactions and personal information of more than a million persons. This would have been the motherlode for scammers and fraudsters.

From the DailyMail here:

Personal details of more than a million bank customers have been found on a computer sold on eBay. Highly sensitive information on American Express, NatWest and Royal Bank of Scotland customers was stored on the machine’s hard drive. It includes names, addresses, mobile phone numbers, bank account numbers, sort codes, credit card numbers, mothers’ maiden names and even signatures.

It was on a computer previously used at the company’s archive in Shoeburyness, Essex.

A former employee sold it on eBay for just £35.88 earlier this month. Crucially, he did so without first erasing the internal hard drive.

It was only when buyer Andrew Chapman started looking at the hard disk that its astonishing contents came to light.

First, how did this computer leave the building without the security team throwing a fit? Second, why was that data stored unencrypted on the hard drive if it was at the company’s ARCHIVE office? Sloppy security bankrupts people.