Wednesday, October 1, 2008
Check out ebay and there are lots of old Firewalls and other hardware waiting to be sold. We have seen in the past when old second hand hard drives were bought on ebay and then data recovery was performed which did land up giving up a lot of juicy information and many a times government details were found which was very critical and did raise data privacy concerns but this same ebay experiment was performed on other hardware device which was a Cisco VPN box and guess what ? The device was configured to connect back directly to the previous owners VPN device without any authentication. the previous owner was none other than Kirklees council. The new owner had complete access to the Kirklees Council network which is a big threat concerning the data they would have stored on file servers.
So friends please make it a habit to shred the data, wipe disks according to DoD standards and reset other devices to default configuration so that such blunders don't happen with your company.
Read the story here