Computer With UK Bank Customer Data Sold On eBay 184
Walpurgiss tips a BBC News story about a man in Oxford who paid $140 for a computer on eBay, and was shocked to find on it bank records of several million customers of the Royal Bank of Scotland, its subsidiary Natwest, and one other bank. "Mr. Chapman said anyone with a basic knowledge of computer software would have been able to find the data fairly simply. 'The information was in back-up CDs and in ISO files so it would have been possibly quite easy to find...,' he said."
I got records from @home from an ebay purchase (Score:5, Interesting)
Hand it back? (Score:5, Interesting)
So in the article, they say that they expect him to hand "it" back.. does that means that the poor guy who paid 77£ to give back the computer for free?
Personally i'd charge a hefty sum to make them get back that computer, just to make them remember that he paid and he was nice enough to tell them.
Re:Hand it back? (Score:4, Interesting)
mind you in his day and age i wouldn't be suprised if he ends up in jail for his honesty, if it was me i wouldn't be saying anything. if i was a more desperate man i might even have sold those details online for a princely sum....
Goodwill (Score:5, Interesting)
I bought a sun box at goodwill once and besides an intact customer database for several large companies, it also had the admin's personal backup files, including his "My Documents" folder, his Palm cell phone, and 1200 dpi scans of his passport. Oh, and some file called "passwords.doc". No idea what is in there...
More details here:
http://lfnet.net/blog/?p=41 [lfnet.net]
But yeah... wipe it before you get rid of it.
Re:Honesty (Score:5, Interesting)
"Always do good. It will gratify some and astonish the rest." ~Mark Twain
Its stupid, but understandable (Score:3, Interesting)
Its tough to sell a machine with no O/S on it. Most buyers will take one look at the retail price of XP (for example) and subtract that from their eBay bid. Most sellers are unwilling to risk a complete disk scrub and reinstall. Even if they are, its doubtful that they still have (or ever had) media to do an install on a clean system. The most that the non-tech savvy will attempt is to drag the contents of 'My Documents' to the trash can icon.
This is an opportunity for a Linux distro. Include an easy-to-use boot/nuke/install mode and offer them to people who put systems up for sale on various web sites.
Re:Wait... what!? (Score:3, Interesting)
If the machine came in contact with this data, why the drives were even sold is beyond me. The drives should have been removed and run through a shredder / grinder.
Any machine that contained data or could have contained such as this should have been through a more... robust... decomissioning process.
Re:Hand it back? (Score:1, Interesting)
Extortion for what? He bought the system and all of the items with it legally. By most laws, that data is physically located on his property, and is legally his to do with what he wants. The inadvertent sale is not his fault; it's pretty much akin (I would think; IANAL) to being sold a house with $25,000 in the attic.
Which oddly, friends of mine had happen... and they reported and turned it over to the police. If the money has no illegal connections attached to it, it's theirs.
Re:I got records from @home from an ebay purchase (Score:3, Interesting)
Why would you encrypt when you could just write randomness?
10 write zeros.
20 write randomness.
30 GOTO 10 (as many times as you like)
Re:Honesty (Score:1, Interesting)
Re:I guess RBS stands for... (Score:3, Interesting)
Re:Honesty (Score:2, Interesting)
Kudos for him for speaking up rather than trying to abuse the situation.
How do you know he didn't make a copy before speaking up? Get the cash and the kudos...
---
Virus scanners don't detect M$ and US government trojans.