NCIX is in some big effing trouble with a story breaking over the weekend that someone had access to their old servers that went for auction and were purchased, after the Canadian retailer went bankrupt in 2017.
2The servers that were previously owned by NCIX somehow ended up on Craigslist, with Travis Doering from Privacy Fly access the servers and pretending to be someone called "Jeff" for privacy (fly) reasons. Doering was after the data on the NCIX server, making is clear he was after the contents of the HDD alone and not the juicy server hardware. Doering met with the seller multiple times, confirming that they were ex-NCIX servers and that they indeed had NXIC user and business data on it.
The used servers were sold because NCIX reportedly didn't pay their warehouse storage bills in late-2017 with over $115,000 owed, where the servers were given to the warehouse owner to sell to recoup costs. Yeah well, the NCIX servers weren't wiped and millions of customers private detailed were exposed, as well as business customers who used to buy many millions worth of goods.
Doering said that Jeff, the guy selling the NCIX servers on Craigslist, had access to "300 desktop computers from NCIX's corporate offices and retails stores, 18 DELL Poweredge servers, as well as at least two Supermicro server's running StarWind iSCSI Software that NCIX had used to back up their hard disks". Jeff also gave Doering access to even more storage, with "109 hard drives which had been removed from servers before auction and one large pallet of 400-500 used hard drives from various manufacturers".
The private data on these servers and storage drives had personal data of millions of people, with credentials, invoices, photographs of customers IDs, bills, customer names, addresses, email addresses, phone numbers, IP addresses, and unsalted MD5 hashed passwords. You know, pretty much everything. The database had 258,000 payment card details, all stored in plain text, and 3.8 million orders.
Even worse, Doering found the backup image for NCIX founder Steve Wu, showing just how bad this data breach could've been.
The Craigslist seller was happy for Doering to copy all of the NCIX customer data from ALL of the server HDDs, without buying any of the hardware. This is beyond sketchy, just in case you're not aware of this situation because at point, it's ridiculously bad. Jeff even told Doering that at least one other person had purchased the old NCIX data, so who knows how many people have access to it at this stage.
AMD's top Strix Point Halo APU could have 16 Zen 5 cores in 2 x CCDs, mirroring Ryzen 9000 CPUs
FBI confirms Chinese hackers have infested US water and energy systems
Microsoft's new Windows 11 'AI Explorer' feature set to anger AMD and Intel
High-end PC maker gives advice that could fix Intel Core i9 CPUs crashing in games
Windows 10 users: Get ready to be bugged about creating a Microsoft Account
ASUS ROG Swift Pro PG248QP Gaming Monitor Review - Frames, frames, and more frames
FlexiSpot C7B-Mesh Ergonomic Office Chair Review
Samsung G8 34-inch QD-OLED Gaming Monitor Review - 175Hz for $900
ASRock NUCBOX-155H Mini PC Review
NuPhy Air96 V2 Wireless Mechanical Keyboard Review
TEAM T-FORCE Siren DUO360 RGB Liquid CPU Cooler Review
AVerMedia Live Streamer ULTRA HD Review
AVerMedia Live Gamer 4K 2.1 Review
XPG Invader X Mid-Tower Chassis Review
Intel Core i9-14900KS CPU Review
Everything you need to know about the latest ASUS NUC Mini PCs - NUC 14 Pro and ROG NUC
How to Overclock Your GPU and Boost Your PC Gaming with ASUS GPU Tweak III
ASUS's AMD Radeon RX 7000 Series GPU lineup has something for every gamer
ASUS OLED Premium Care defends the ROG Swift OLED PG32UCDM gaming monitor from burn-in
Patriot Viper Xtreme 5 Engineering Prototype 48GB Dual-Channel Memory Kit Preview