An Ebay Customer was stunned to find details of more than one million customers of some of the most prestigious financial institutions on a Snap! Network Attached Storage (NAS) device he purchased on the auction site for a mere £35.
The details of American Express, Natwest and RBS Customers included names, addresses, mobile phone numbers, sort codes, bank numbers, credit card details, answers to secret questions and scans of customers signatures; the ideal haul for any criminal organisation.
Andrew Chapman, an IT Manager, purchased the computer off a former employee of Graphic Data, who stores data in an electronic format for several financial firms. The company, American Express, Natwest as well as the Information Commissioner are all investigating how this data breach happened.
Graphic Data which could be handed a very hefty fine issued a statement saying that "Certain pieces of IT equipment have been removed from a secure area. We are seeking to recover this equipment, which apparently contained customer data. We take customer privacy and data security very seriously."
Selling a second hand computer from a company is common practice, but not erasing the data using military grade technology is all but inexcusable as many freeware solutions exist.
There are currently 51 such NASes being sold on Ebay with some of them being refurbished and used while hundreds of second hand SCSI hard disk drives are on auction at any given time.