Computers Without Full Disk Encryption Stolen From Tax Services Firm.

Kingston Tax Service, doing business out of Washington State, has alerted their clients that they should sign up immediately for identity theft services.  Several computers were stolen from the Kingston Tax service office on August 12.  While the access to the computer had password?protection, it sounds like full disk encryption services like AlertBoot were not securing the contents.

 

According to the pnwlocalnews.com, letters sent to clients state that each of the computers stolen contained sensitive information that can be used by identity thieves, although it’s not detailed what type of information they are specifically.

 What’s notable about this case is that the owner of the firm, Tim Winsor, thinks he saw the computers up for sale in craigslist.org, two days after the burglary took place.  The serial number in the pictures were blurred, but I guess there must have been some kind of prosaic identifying marks on the machines.  The machines were being sold sans their hard drives.  Yep, the same drives that don’t have disk encryption but do contain sensitive information.  Come to think of it, even using the less?resource intensive file encryption would have helped in protecting the data. 

Now, there are many ways of getting around password?protection to get to the data on a computer.  One of them is taking the hard drive out of the computer and hooking it up to another computer: since the latter computer is accessible to the thief, the contents of the “protected” disk drive are also available to the thief.  The process is no different from hooking an external drive to your computer.  This is why the Windows password?protection is not considered to be protection at all—it’s just too easy to bypass, assuming you’ve got opposable thumbs.  And from hence comes, I guess, Mr. Winsor’s insistence that all clients sign up for fraud alerts on their credit cards and other ways of preempting would?be identity thieves.

 

I don’t think his concern is off?base.  Much has been made of the fact that most stolen computers are re-sold as is or after a cursory disk format; almost no one is interested in the information found on red?hot computers, apparently.  But in this case, the hard drives have been popped out intentionally.  This doesn’t necessarily mean that the thieves in question are interested in taking a peek at the contents of the unencrypted drive.

 

If anything, all signs point to the fact that these guys are a little paranoid about being tracked.  Computer serial numbers can be used as proof that they stole the computers if the tax services company has a list of such numbers—hence, they’re blurred from the craigslist pictures.  Likewise, if there are some data vigilantes doing rounds, they could buy the computers listed in the online classifieds forum; analyze the data once the computers arrive; and peg the sellers as thieves if they were to find the firm’s data and if the firm were to vouch that they’re the firm’s stolen computers.  So, out go the hard drives.

 

However, this would be indicative of thieves sophisticated enough to know the workings of computers.  So it stands to reason that they would not stop at just selling the hardware, no?

 

Related Articles:


http://www.pnwlocalnews.com/kitsap/nkh/news/27134264.html



Comments (0)


Let us know what you think