Man buys old servers, accuses Ernst & Young of data breach

  • 16 September 2014
  • 1 reply
  • 269 views

Userlevel 7
Badge +54
If this is true it is then I hope that since 2006 when the servers were bought security has been tightened at these institutions - but somehow given the amount of breaches I suspect there is still huge room for improvement.
 
by Lisa Vaas on September 16, 2014
 
 http://sophosnews.files.wordpress.com/2014/09/170-ey.jpg?w=640A Canadian who calls himself the owner of a used-computer dealership in Calgary (one that apparently doesn't have a website) says he's sitting on a pile of data for Ernst & Young's customers, stored on servers he bought in 2006.
As of last week, Mark Morris was sort of, well, holding that data ransom, more or less, until the global consultancy ponied up for its return.
He was originally thinking of a $50,000 retainer - and that's just to begin deleting backups of the purported data, which he's believed to have stored on various devices, not the data on the primary server.
But as Network World reports, nobody's even sure whether the breach is real or just the figment of Morris's imagination.
According to court documents, Morris claims that he found a treasure trove of business data associated with Ernst & Young's clients, mostly left on one of two servers he picked up for $300 after Ernst & Young bought the firm he was working for as an independent contractor, Synergy Partners, in 2003.
 
Full Article

1 reply

Userlevel 7
Here in the states that's called "blackmail" and is punishable by the law. I don't know what the law is in Canada but that person would be in trouble here.

Reply