Today's Hard|Forum Post
Today's Hard|Forum Post

Thursday September 20, 2018

The NCIX Data Breach

NCIX customer and employee data is allegedly available for sale as data brokers have purchased the servers, cracked the passwords in less than 5 minutes and are selling volumes of confidential customer and employee data for tens of thousands of dollars. Every single credit card record, address, business name, email address, phone number, IP address and unsalted MD5 hashed passwords; literally everything was allegedly saved on the servers when the company went bankrupt. Even the data from the air-gapped servers, data that was considered so confidential extra steps were taken to secure it from the outside world, has been copied and cataloged for sale to foreign and domestic entities. 13TB of data here, another 3 million records there and Travis Doering of Privacy Fly hadn't even scratched the surface of the data available for sale.

News Image

By this point I couldn't believe my eyes, the data I had seen today contained some the most damaging and extensive records I had ever come across covering at least seventeen years of business transitions. Data breaches by external actors are common in todays digital world but what makes this set of data so damaging is that it contains every record NCIX ever held. Including their backup files which had been kept in a segregated air gapped machine that regardless of skill level no external attacker would have plundered.

Discussion