NCIX servers sold on Craigslist with 15 years of user data

NCIX's old servers get sold, with 15 years of consumer and business private data included.

@anthony256
Published Mon, Sep 24 2018 12:25 AM CDT   |   Updated Tue, Nov 3 2020 11:50 AM CST

NCIX is in some big effing trouble with a story breaking over the weekend that someone had access to their old servers that went for auction and were purchased, after the Canadian retailer went bankrupt in 2017.

NCIX servers sold on Craigslist with 15 years of user data 03 | TweakTown.com
VIEW GALLERY - 2 IMAGES

The servers that were previously owned by NCIX somehow ended up on Craigslist, with Travis Doering from Privacy Fly access the servers and pretending to be someone called "Jeff" for privacy (fly) reasons. Doering was after the data on the NCIX server, making is clear he was after the contents of the HDD alone and not the juicy server hardware. Doering met with the seller multiple times, confirming that they were ex-NCIX servers and that they indeed had NXIC user and business data on it.

The used servers were sold because NCIX reportedly didn't pay their warehouse storage bills in late-2017 with over $115,000 owed, where the servers were given to the warehouse owner to sell to recoup costs. Yeah well, the NCIX servers weren't wiped and millions of customers private detailed were exposed, as well as business customers who used to buy many millions worth of goods.

Doering said that Jeff, the guy selling the NCIX servers on Craigslist, had access to "300 desktop computers from NCIX's corporate offices and retails stores, 18 DELL Poweredge servers, as well as at least two Supermicro server's running StarWind iSCSI Software that NCIX had used to back up their hard disks". Jeff also gave Doering access to even more storage, with "109 hard drives which had been removed from servers before auction and one large pallet of 400-500 used hard drives from various manufacturers".

The private data on these servers and storage drives had personal data of millions of people, with credentials, invoices, photographs of customers IDs, bills, customer names, addresses, email addresses, phone numbers, IP addresses, and unsalted MD5 hashed passwords. You know, pretty much everything. The database had 258,000 payment card details, all stored in plain text, and 3.8 million orders.

Even worse, Doering found the backup image for NCIX founder Steve Wu, showing just how bad this data breach could've been.

The Craigslist seller was happy for Doering to copy all of the NCIX customer data from ALL of the server HDDs, without buying any of the hardware. This is beyond sketchy, just in case you're not aware of this situation because at point, it's ridiculously bad. Jeff even told Doering that at least one other person had purchased the old NCIX data, so who knows how many people have access to it at this stage.

Anthony joined the TweakTown team in 2010 and has since reviewed 100s of graphics cards. Anthony is a long time PC enthusiast with a passion of hate for games built around consoles. FPS gaming since the pre-Quake days, where you were insulted if you used a mouse to aim, he has been addicted to gaming and hardware ever since. Working in IT retail for 10 years gave him great experience with custom-built PCs. His addiction to GPU tech is unwavering.

Newsletter Subscription

Related Tags

Newsletter Subscription
Latest News
View More News
Latest Reviews
View More Reviews
Latest Articles
View More Articles