CyberCrunch Newsletter: Advice and guidance on safe, secure data destruction

adminNews, Newsletter

CyberCrunch® News: Advice on safe, secure data destruction and electronic recycling

At CyberCrunch®, we aim to help you stay vigilant about the consequences of potential data breaches that could affect your business.

This month, we follow a shocking story in which thieves broke into Fresno University and stole a hard drive containing the personal information of 15,000 people. We’ll show how you can avoid this situation and the best way to dispose of unwanted hard drives with personal data on them.

Also in this month’s newsletter, we’ll examine the dangers of covering up a data breach, focusing on the news that ride-share firm Uber is being sued by the Commonwealth of Pennsylvania. Uber waited 13 months to inform people that their personal details had been stolen. We’ll explore what businesses can learn from this and the best ways of handling such situations.

In addition, we’ve included a story about how several of our recycled laptops are now helping seniors and students as part of one of our charity initiatives.

If you would like help or advice about the safe, secure disposal of sensitive information, or any information about recycling your electronics more generally, contact us.

Thieves steal 11 years’ worth of personal data from University

Are you storing your sensitive data on external hard drives and safely eliminating the information when it’s no longer needed? Well, experts are now calling for business owners to destroy their unused hard drives, following the news that thieves broke into Fresno University and stole the personal details of 15,000 people.

The thieves stole a hard drive containing sensitive information about thousands of current and former students, as well as pilfering several laptops and other electronic items.

The hard drive hadn’t been used since 2014 but still contained information such as addresses and social security numbers, going all the way back to 2003.

According to J. Collin Petersen of J. IT Outsource this was “a gold mine for someone who wants to use the information nefariously.”

Could the University have prevented the breach?

Having sensitive information lying around on an external hard drive is a breach waiting to happen, especially if you no longer need the data.

If you need to store sensitive information, you can protect against data breaches by using encryption and physical security.

But, even worse was the fact that Fresco University did not use this particular hard drive anymore. It hadn’t been used for four years, so disposing of it would clearly have been the best course of action.

When it’s time to get rid of old hard drives in your organization, it is important to make every effort to avoid data breaches.

A number of software solutions exist to definitively erase files but computer experts say it takes time and effort to make electronics completely unreadable.

Therefore, the simplest course of action is to completely destroy hard drives with sensitive data as soon as your business no longer requires them. In other words, the most straightforward solution is complete destruction.

How can I safely destroy hard drives with sensitive data?

We would caution you that destroying a hard drive without help is hardly ever the best option. Computer experts say that even treatment with a hammer may not be enough to end your data. While it may seem more cost-effective to destroy drives yourself, you run the risk of your data being retrieved and used maliciously.

By using a company that specializes in data destruction, you have third party verification.  This is useful in the event of an alleged breach and shows that your company followed industry best practices when eradicating data.

At CyberCrunch™, we provide permanent data destruction and recycling solutions to keep your company’s private information safe.

Our IT asset disposition (ITAD) services provide secure erasure before assets are remarketed, donated or destroyed. With our extensive experience in the industry, familiarity with regulatory and governmental policies, we can help your destroy your data, quickly and efficiently.

Find out more

Uber sued for concealing data breach

Businesses failing to report data breaches immediately can expect serious consequences, as ride-share firm Uber discovered recently. It’s currently facing penalties of up to $13.5 million for covering up a hack that affected 57 million customers and drivers.

In 2016, Uber paid hackers $100,000 to conceal a data breach that exposed the personal data of 57 million users of its mobile app. The cyber attack exposed the names, emails and phone numbers of 50 million passengers as well as the license numbers of 7 million drivers.

It took Uber over a year to actually report the attack and now the Commonwealth of Pennsylvania is suing Uber for failing to immediately disclose the breach.

It is charged with ‘violating the Pennsylvania Breach of Personal Information Notification Act’, which requires companies to notify those who are affected by data breaches within a reasonable amount of time. Uber waited thirteen months, which is difficult to classify as ‘reasonable’.

And it’s highly likely that Pennsylvania won't be the only state to file against Uber. With 43 others investigating Uber in connection with this breach, we’ll likely hear more about this story in the near future.

What should Uber have done?

Hundreds of businesses experience cyber attacks every year. To put that in perspective, more than half of U.S. businesses have experienced a cyber attack in the past year, according to a survey of businesses executives. It’s devastating for any business to discover it has been on the receiving end of a data breach, but the absolute worst course of action is to cover it up.

If you discover sensitive information has been stolen, the first thing you must do is inform your customers – immediately. Once you’ve done this, you must then notify the proper authorities of the breach. The appropriate authority can vary from state to state and industry to industry.  It’s best to have a data breach plan in place, prior to a breach occurring.

Equally importantly, you must learn from the breach and guard against it happening again.  For example:

  • Change all passwords to very strong ones
  • Require passwords to be changed at least quarterly
  • Provide training to employees and employ best practices at your workplace
  • Update your data breach policy
  • Hire outside help to identify gaps in your system

If you would like help or advice on this topic, please contact us. At CyberCrunch, we can help you follow all state and federal standards, and provide safe and secure recycling and data destruction to keep your customer’s sensitive information safe.

Recycled computers find new homes with seniors and students

Students and seniors in need are benefiting from our recycled laptops after we donated several to Westmoreland County residents and organizations.

At CyberCrunch™ not only do we specialize in electronic media destruction and recycling but we also do our best to help those in need by donating restored equipment.

We recently donated refurbished laptops to seniors and students of Westmoreland County who may need them as part of our “laptops for seniors and students” initiative.

Laptop recipients, our staff members and employees from our partner company, United Way, gathered at our Greensburg facility earlier this month for a presentation on identity theft, security and e-waste recycling, as well as for a discussion on laptops more generally.

“This is part of our commitment to bettering our communities and societies. We are taking the laptops some deem as no longer fit for use and giving them to the people who need them and will appreciate them,” said Serdar Bankaci, CyberCrunch President.

Refurbished computers for those in need

In the current technological age, thousands of people still have no access to computers or the Internet, making them disconnected from the rest of the world. Therefore, the laptops for seniors and students initiative will provide Westmoreland County residents a chance to rejoin the society and move out of obscurities.

As part of our e-waste recycling business, CyberCrunch™ promotes reuse of refurbished laptops and electronic equipment. We partnered with United Way to find local recipients who may benefit from a refurbished laptop, including seniors on fixed incomes and early education centers with limited budgets.

Increased technology use can benefit both seniors and young students. Seniors can combat isolation and loneliness by making connections through social media and other online communication. Seniors can also access helpful services like transportation, grocery delivery and health tracking with ease. In the early education classroom, computers, laptops, and tablets can provide students with customized, highly interactive learning experiences. Teachers can also use tools to plan lessons, assess student progress and continue their professional development.

With these laptops, seniors and students who receive them will have the opportunity to socialize with families, relatives on social media and develop new interests and improve their learning experience respectively.

About United Way

United Way of Southwestern Pennsylvania, serving Allegheny, Westmoreland, Fayette and Southern Armstrong counties, leads and mobilizes the caring power of individuals, the business community and organizations to help local people in need to measurably improve their lives. United Way creates long-lasting change for the betterment of our community. Learn more about United Way’s work in Westmoreland, Fayette and Southern Armstrong Counties at www.unitedway4u.org.