September 22, 2015 — Data breach puts millions in B.C. at risk, say security experts
The British Columbia Education Ministry improperly stored student data on a hard drive, failed to encrypt it, then lost it. The Vancouver Sun features Matthew Reeves, product marketing manager at NuData Security, discusses what happens to this data on the dark web.
The personal information on the drive could be sold on the “dark web,” a private subset of the Internet where people can match up vast quantities of data from various other breaches to create complete dossiers, known as “fullz,” which are then sold for around $8 a person, said Matthew Reeves, product marketing manager at Vancouver-based NuData Security, which works with banks and online shopping sites to predict fraud.
“Potentially in isolation it’s not a big haul,” said Reeves. “Let’s say someone picks up this hard drive; I don’t think they’d be seeing dollar signs.
“That said, I think there still is a risk for people listed in this data and the risk is in time that data is bought and packaged with other data breaches and that might cause people problems in future.”
It could take time for people to feel the “ripple effect” of fraud, said Reeves.
Identity theft author Graham McWaters said he’d be worried that if someone got the data they might start phoning people claiming to be the B.C. government, privacy commissioner or some other group offering fraud protection. In the process, people would be lured into giving up even more personal information, such as a social insurance number.
To see the full article at The Vancouver Sun, click here.