DISCLAIMER: Logging other people's keystrokes or breaking
into other people's computer without their permission can
be considered illegal by the courts of many countries.
The monitoring software reviewed here is ONLY for authorized
system administrators and/or owners of computers.
We assume no liability and are not responsible for any misuse
or damage caused by the keylogging software. The end user of
this software is obliged to obey all applicable local, state,
federal and other laws in his country of residence.
August 26th, 2008
Amex, RBS, Natwest customer details sold on eBay
Over one million American Express, RBS and Natwest customers' details have been sold on eBay.
The details were stored on a server, bought for just over £35 by Andrew Chapman, an IT manager from Oxford, last week. Chapman told ZDNet.co.uk on Tuesday that the server, a network attached storage (NAS) box, contained unencrypted backups of CDs.
"A professional organisation holding this kind of data should have tested the disks to make sure [the information] was destroyed," said Chapman.
The computer had been used by data-archiving firm Graphic Data to store the details on behalf of RBS, of which Natwest is a subsidiary. Details included names, addresses, bank account numbers, telephone numbers and customer signatures.
RBS said on Tuesday that it was in the process of investigating the incident.
"Graphic Data has confirmed to us that one of their machines appears to have been inappropriately sold on via a third party," RBS said in a statement. "As a result, historical data relating to credit-card applications from some of our customers and data from other banks were not removed. We take this issue extremely seriously and are working to resolve this regrettable loss with Graphic Data as a matter of urgency."
Graphic Data, a subsidiary of Sala International, said it had not planned to dispose of the server, and was investigating how it had appeared on eBay.
"The IT equipment that appeared on eBay was not planned to be disposed [of] by the company and investigations are still ongoing to find out how this equipment was removed from one of Graphic Data's secure locations," the company said in the statement. "We take customer privacy and data security very seriously. This incident is extremely regrettable and we're taking every possible step to retrieve the data and ensure this is an isolated incident."
The Information Commissioner's Office (ICO) said it would be investigating the breach. "It is essential that companies have appropriate procedures in place to ensure that personal records are kept secure at all times, the ICO said in a statement. "If companies are disposing of computer equipment they must take the necessary steps to ensure that any personal information stored on the hard drive is rendered unrecoverable. We are now investigating this potential data breach and will be seeking an urgent explanation from Graphic Data to establish what has gone wrong and the steps that are being taken to prevent a similar incident occurring."
Neither eBay nor American Express had responded to a request for comment at the time of writing.
This data breach follows the compromise of details of 84,000 prisoners in the UK by a Home Office sub-contractor last week.
Source: ZDNet UK
All news for December, 2008
All news for 2008 year
All news for 2007 year
All news for 2006 year
All news for 2005 year
All news for 2004 year
DONATION: Keylogger.org is an independent research
project supported by a team of enthusiasts. If you find this
project useful or would like to help foster its continued
development please consider making a donation using PayPal`s
online secure payment service. A PayPal account is not required.
All major credit cards are accepted (MasterCard/Eurocard,
Visa/Delta/Electron, American Express, Switch/Maestro, Solo).
Simply click the button below.
Any amount would be useful and appreciated!
Thanks in advance for your support!
|
