received_10207611082777501

Will this be you when IT happens?

Quortum HQ is in a wonderful Business Incubator in beautiful downtown Leesburg, Virginia.  As part of George Mason University’s “Mason Enterprise Center” (MEC), we have individual offices with very high-speed internet, printing/scanning, BD/Coaching support and shared conference rooms included with our rent.

Recently though, I’ve seen a staggering amount of VERY sensitive documents in community trash and recycling bins throughout the building.  For the record, there are shredders in every print room and the staff makes residents aware of them.

I’ve seen employee and client data left on printers, a few weeks ago, I found 124 (double-sided) pages of a government contract, marked “Sensitive”.  I felt the paper, it was cold and even came back an hour later and it was still sitting on the printer.

Checkout this news clip on showing what was found in a recycling bin outside a Federal Facility:

dumpster

Just this past Monday, as I was warming up some tea in the kitchen down the hall, I looked in the recycling bin and saw a bank statement for a neighbor’s company.  I picked it up, just like any inquisitive Security guy would and was astonished with the amount of information I learned. Here are some of the tidbits:

  • Complete Checking and Savings Account Numbers
  • Respective balances of ~$13,500 and ~$87,438,298 (Seriously!!!!)
  • Detailed list of deposits and withdrawals
  • Name/addresses of who they sent electronic payments to since October 2016
  • Name/contact info for the specific banker who handles their accounts

WOW!

I’ve been thinking how I could go up to the folks who own this company, engage them in some casual banter and probably get details about them that would allow me to gain full access to their accounts.

During this Holiday Season, as you’re showing everyone some Christmas Cheer, take a trip around your office and look at the trash, especially around printers and in conference rooms.  Many of you will find things that you wouldn’t want shared with your competitors or those wishing to be a Grinch to your business.

50_bbb

Imagine if your clients’ or employees’ data was found in the trash and a local media outlook did a story on it, how would your business handle it?  You’re probably not Target or a Government Agency, so your business will suffer.

Quortum provides assessments and consulting services to help you mitigate risks from intentional and unintentional Insider Threats.  Please contact us to start the discussion on how we can help.