NCIX customer, employee data was for sale on Craigslist: report

The Craigslist post is no longer available

A database allegedly containing 15 years' worth of customer and employee data belonging to former Canadian computer hardware retailer NCIX is reportedly for sale on Craigslist, according to a September 18th, 2018 report from Privacy Fly.

Privacy Fly’s Travis Doering reportedly came across the Craigslist post in question on August 1st, 2018.

The post itself, titled “NCIX Database Servers – $1500 (Richmond BC)”, was allegedly selling a database server from NCIX and a database reporting server.

Doering reached out to the seller, but didn’t hear back from anyone until August 21st, 2018.

“The seller proceeds to inform me that he has three NCIX servers for sale for which he has the password required to login,” wrote Doering in the September 18th report.

Doering ultimately met with the seller on August 25th, 2018, at a warehouse in Richmond, British Columbia. According to Doering, the seller was an Asian man in his mid-thirties who identified himself as Jeff.

Jeff allowed Doering to review the contents of the server, which also contained XML files full of plain text names, usernames, passwords and addresses.

Doering wrote that Jeff said he possessed “NCIX’s entire server farm from the east coast which was shipped back to their Richmond warehouse several months ago.”

“I thought these revelations to be shocking enough, however I would later discover that the data on those servers was only the tip of the iceberg. Jeff and I agreed to meet again on September 5th, 2018 after he had located all the hard drives for me to analyze,” wrote Doering.

Doering said that he established a rapport with Jeff, who revealed that the current owner of the hardware in his possession is NCIX’s previous landlord.

NCIX reportedly abandoned the hardware when it didn’t pay past rent worth $150,000.

“Jeff stated that he was a former systems administrator for a Richmond based telecommunications company and was helping NCIX’s landlord recover the money he was owed in exchange for being able to copy the source code, and database to aid his development team on a project,” wrote Doering.

According to Doering, Jeff said that he still possessed approximately “300 desktop computers from NCIX’s corporate offices and retail stores, 18 Dell PowerEdge servers, as well as at least two Supermicro servers running StarWind iSCSI Software that NCIX had used to back up their hard disks.”

“In addition, there were also the 109 hard drives which had been removed from servers before auction and one large pallet of 400-500 used hard drives from various manufacturers,” wrote Doering.

“Jeff believed these contained a combination of functional but decommissioned hard drives used by NCIX and customer data from machines that had been in for repair at the time of bankruptcy.”

Doering was even able to access 13 years' worth of data belonging to NCIX founder Steve Wu. The data included financial records, employment letters containing SIN numbers and “data from Mr. Wu’s home computer which featured personal documents and images of his family mixed in with numerous private photos of high-end escorts from mainland China.”

According to Doering, the data he was able to access “contained some of the most damaging and extensive records I had ever come across covering at least seventeen years of business transitions.”

Jeff also told Doering that a foreign buyer had already purchased a collection of hard drives for $15,000 and that at least five other buyers were interested in purchasing the data that Jeff possessed.

Jeff also offered to allow Doering to copy data without all of the hardware included in the deal.

ZDNet reported that the Craigslist ad is no longer live. Additionally, a Royal Canadian Mounted Police (RCMP) spokesperson didn’t return a request for comment from ZDNet.

MobileSyrup has reached out to the RCMP for comment. This story will be updated with a response.

Source: Privacy Fly Via: ZDNet
