Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
Remog

NCIX Data breach 2018

Ryan_Vickers

This is the thread on this news story.  If you see other threads popping up about it, please report them and ask for them to be merged in here.  Don't bother commenting on them.

Message added by Ryan_Vickers

Recommended Posts

1 hour ago, rcmaehl said:

Was about to post this glad to see @Remog is quicker than me. Can we get some feedback from the LTT staff or Linus in regards to this?

@Aprime on Reddit said he already passed the info along.


Personal Rig:

CPU: i7-7700K  | Mobo: MSI C236A Workstation | RAM: 2x G.SKILL Ripjaws V Series 8GB = 16 GB  | GPU: ASUS GTX 1070 Strix | Storage: Samsung 970 Evo 256 GB, WD Blue 1 TB, WD Red 2 TB, and WD Scorpio Blue 320 GB | Case: Enermax Ostrog Black and White | PSU: EVGA 600B 600W 80+ Bronze | Cooling: Noctua NH-U12S in Push/Pull with Black Noctua Industrial Fans, 2 120mm Noctua Chromax Fans, and Corsair AF120 on the side panel | Display: 22" Asus VE228 1920 x 1080 and a 34" LG 43WL500-B 2560 x 1080 on a WALI Arm (I share displays/desk with two builds) | Mouse: Logitech M705 | Keyboard: Logitech K350 | Random: 90mm of CableMod RGB Magnetic Strips | OS: Win 10 Education x64 

32" Samsung CF397 1920 x 1080

Linux/test Box:

CPU: Ryzen 5 2600  | Mobo: ASRock AB350M mATX | RAM: 2x Crucial 8 GB DDR4 = 16 GB | GPU: Gigabyte GTX 970 G1 Gaming | Storage: Sandisk SSD Plus 120 GB, Kingston 256GB SSD, 2x Seagate IronWolf NAS Drives  | Case: Corsair Carbide 88R mATX | PSU: Corsair CX500 | Cooling: Stock Cooler and 3x Cooler Master 120mm Fans | Display: 22" Asus VE228 1920 x 1080 and a 34" LG 43WL500-B 2560 x 1080 on a WALI Arm (I share displays/desk with two builds) | Keyboard: Logitech K270 | Mouse: Logitech M185  | OS: Ubuntu 18.04 and Windows 10 Pro x64

 

Laptop (Acer Pedator Helios 300):

CPU: i7-7700HQ  | RAM: 16 GB DDR4  | GPU: GTX 1060 6 GB | Storage: 256 GB SSD and Seagate 1 TB Firecuda | Display: Acer IPS 15.6" 1920 x 1080 Display | Mouse: Logitech M557 and built-in trackpad (never use lol) | Keyboard: built-in keyboard and Logitech K480 | OS: Windows 10 Pro x64

 

Other Devices I use:

Phone: iPhone 7 128GB Jet Black  | Tablet: iPad Mini 4 128GB LTE and a Surface Go 128GB with 8GB of RAM | Media Box: Apple TV 64GB | Amazon Echo Spot | TV: Some 42" JVC 1080p (this has a good image 6 years later) | Backpack: Some SwissGear Laptop Bag | Camera: GoPro Hero 5 with a Rode Mic | Zoom H1n | Blue Snowball |

 

Link to post
Share on other sites
1 hour ago, rcmaehl said:

Stolen from chat. Product Drop Tester Predicts Data Breach (2018, Colorized)
 

 

image0.jpg

 

Well Shiiiiiiiiiieeeeet...

Gotta cancel my credit card then, and update my pre-authorized monthly bill payments...

F#$kin' NCIX's founder, Steven Wu....ya goof'd Bic Tyme Bic Boi


Intel X99 Rig -- CPU + PSU being RMA'ed
Intel Z390 Rig (*NEW* Primary)

  • i7-6800K @ 4.0 GHz --- i7-8086K
  • ASUS X99 Deluxe --- Gigabyte Z390 Aorus Master
  • 2x Sapphire NITRO R9-Fury in Crossfire / ASUS ROG Platinum Matrix R9-280X
  • 32 GB, 16 GB DDR4 G.Skill Trident Z Red/Black 3000 MHz + 16 GB DDR4 G.Skill Trident Z RGB 3000 MHz
  • CM Hyper 212 EVO (temporary) .... EKwb Predator kit .... in-progress
  • SanDisk 480 GB SSD + 1TB Crucial MX 500 SSD + 1TB Samsung 860 EVO
  • EVGA SuperNOVA 850W P2 + Red/White CableMod Cables
  • Phanteks Enthoo Luxe Tempered Glass Edition
  • Logitech G502 Proteus Spectrum + Corsair K70 (Red LED, anodized black, Cheery MX Browns)

Intel Z97 Rig (Secondary)

  • Intel i5-4690K @ 4.6 GHz  4.8 GHz (still tweaking it)
  • ASUS ROG Maximus VII Hero Z97
  • Sapphire Vapor-X HD 7950 EVGA GTX 1070 SC Black Edition ACX 3.0
  • 20 GB (8GB X 2 + 4GB X 1) Corsair Vengeance DDR3 1600 MHz
  • Corsair A50 air cooler  NZXT X61
  • Kingston V300 120GB SSD [non-gimped version] + SanDisk Ultra II 240GB SSD + WD Caviar Black 1TB HDD
  • Antec New TruePower 550W EVGA G2 650W + White CableMod cables
  • Cooler Master HAF 912 White NZXT S340 Elite w/ white LED stips

AMD 990FX Rig (Decommissioned...for now)

  •  FX-8350 @ 4.8 / 4.9 GHz (given up on the 5.0 / 5.1 GHz attempt)
  • ASUS ROG Crosshair V Formula 990FX
  • 12 GB (4 GB X 3) G.Skill RipJawsX DDR3 @ 1866 MHz
  • Sapphire Vapor-X HD 7970 + Sapphire Dual-X HD 7970 in Crossfire  Sapphire NITRO R9-Fury in Crossfire *NONE*
  • Thermaltake Frio w/ Cooler Master JetFlo's in push-pull
  • Samsung 850 EVO 500GB SSD + Kingston V300 120GB SSD + WD Caviar Black 1TB HDD
  • Corsair TX850 (ver.1)
  • Cooler Master HAF 932
  • Logitech G9x + Corsair K70 (red LED, anodized black, cherry MX Brown)  *NONE*

 

<> Electrical Engineer , B.Eng <>

<> Electronics & Computer Engineering Technologist (Diploma + Advanced Diploma) <>

<> Electronics Engineering Technician for the Canadian Department of National Defence <>

Link to post
Share on other sites
2 minutes ago, -rascal- said:

NCIX's founder, Steven Wu....ya goof'd Bic Tyme Bic Boi

Not his fault, everything was taken away from him when he went bankrupt.

 

I assume (someone correct me if I'm wrong) the blame lies with the company responsible for liquidating the assets.


System specs:

4790k

GTX 1050

16GB DDR3

Samsung evo SSD

a few HDD's

Link to post
Share on other sites
Quote

 mounted one image belonging to Steve Wu the founder of NCIX. Inside I found data going back 13 years, financial documents, employment letters containing SIN numbers, and data from Mr. Wu’s home computer which featured personal documents and images of his family mixed in with numerous private photos of high end escorts from mainland china.

my favorite part of the article. now I know where my restocking fees went


i7-8700k @ 4.8Ghz | EVGA CLC 280mm | Aorus Z370 Gaming 5 | 16GB G-Skill DDR4-3000 C15 | EVGA RTX 2080 | Corsair RM650x | NZXT S340 Elite | Zowie XL2730 

Link to post
Share on other sites

Someone is going to end up in court over this for sure and could be looking at some jail time 


Dance like no ones watching. Encrypt like everyone is.

 

Mouse potato - The online generations version of a couch potato

Link to post
Share on other sites

well I called my credit card company and said I was worried about a data breach at an online store I used to use and the guy was super helpful. Card blocked and new card with new number coming in a few days.

 

fuck you NCIX!!!


i7-8700k @ 4.8Ghz | EVGA CLC 280mm | Aorus Z370 Gaming 5 | 16GB G-Skill DDR4-3000 C15 | EVGA RTX 2080 | Corsair RM650x | NZXT S340 Elite | Zowie XL2730 

Link to post
Share on other sites
Posted · Original PosterOP
1 minute ago, _Zer0_ said:

I used to work there. Apparently our SIN numbers are on there so what can we do about that?

Contact the Government (Service Canada) immediately. 

 

And probably consider legal options. Maybe a class action is something that could happen in the future? Though IANAL so YMMV

Link to post
Share on other sites

Best way to prevent something like this is to allow the IT staff to take all drives to a local gravel pit with a sledgehammer or shotgun and let them have an Office Space moment prior to the closing.

Link to post
Share on other sites

Now I'm wondering if there are any Government regulations regarding the handling of customer data in the case of bankruptcy. Yes, NCIX should've encrypted their drives, but that's the tip of the iceberg when you consider how many companies still have boxes and boxes of paper records as Linus showed in his videos. And clearly it seemed like the people running these auctions don't give a crap and just leave them on the show room floor. I wouldn't even be surprised if they sold them. They're solely there to recoup money and since customer information has more value than ever these days, it's a no-brainer in their perspective. NCIX just happened to be the one who should've known better. But I can bet you there are thousands of small businesses that don't encrypt their drives that could face a similar fate and have company and customer data sold or leaked. To even think this data wasn't ceased upon filing for bankruptcy with the courts, and having auctioneers just sell these unformatted drives boggles my mind. 

 

TL;DR It's not just a failure on NCIX's part, it's a failure on all parties involved with the filing of this bankruptcy. 


AMD Phenom™ II X6 1100T @ 4.0GHz | MSI 890FXA-GD65 | MSI GTX 550Ti | 16GB Kingston DDR3 | Samsung 850 EVO 250GB | WD 750GB | Antec 300 | Asus Xonar DG | Corsair A50 | OCZ 600W | Windows 10 Pro

Intel Core™ i5-8520U | WD Blue M.2 250GB | 1TB Seagate FireCuda | 8GB DDR4 | Windows 10 Home | ASUS Vivobook 15 

Intel Core™ i7-3520M | GT 630M | 16 GB Corsair Vengeance DDR3 | Samsung 850 EVO 250GB | macOS Mojave Lenovo IdeaPad P580

AMD Phenom™ II X2 550 @ 3.10GHz | Gigabyte GA-MA785GM-US2H | XFX Radeon HD 4870 | 4GB Corsair XMS2 | 250GB WD SATA | Thermaltake TR2 500W | Windows 7 Ultimate | Kali Linux

Samsung Galaxy A5 2017 (8.0) | iPad Mini (iOS 8.4) 

Link to post
Share on other sites

I haven't seen the other reports, but I did read this article, including information like "This even featured personal documents and images of Mr. Wu’s family mixed in with numerous private photos of high end escorts from mainland china." [sic]

 

Let me know if anyone finds information about a class action lawsuit against whomever is responsible for this...

Link to post
Share on other sites

I'd like to take a moment to thank NCIX for always having exorbitant shipping fees for anything I thought about buying from them. Sure a case may have been $10 cheaper than Amazon there but when it cost $30 to ship it to me I picked Amazon every time. So thanks for disuadding me back then so I'm not getting fucked over by you now xD

Link to post
Share on other sites

this week's just the week for data breaches huh


Volume / Normalized 100% / 64% (content loudness 3.9dB)

Local VHS collector and video capture amateur. Also the only confirmed Saturn wagon owner here and a Southern California ex-pat. PM me for any questions concerning VHS recording if interested.

 

 

@handymanshandle x @pinksnowbirdie | Jake x Tyler :^

Link to post
Share on other sites
6 minutes ago, imreloadin said:

I'd like to take a moment to thank NCIX for always having exorbitant shipping fees for anything I thought about buying from them. Sure a case may have been $10 cheaper than Amazon there but when it cost $30 to ship it to me I picked Amazon every time. So thanks for disuadding me back then so I'm not getting fucked over by you now xD

I guess this was a plus for living in the same city as their headquarters. Just place an order online and pick up at one of their 3 stores or warehouse in Richmond later in the day. I've practically bought all of my parts from them prior to their bankruptcy. 


AMD Phenom™ II X6 1100T @ 4.0GHz | MSI 890FXA-GD65 | MSI GTX 550Ti | 16GB Kingston DDR3 | Samsung 850 EVO 250GB | WD 750GB | Antec 300 | Asus Xonar DG | Corsair A50 | OCZ 600W | Windows 10 Pro

Intel Core™ i5-8520U | WD Blue M.2 250GB | 1TB Seagate FireCuda | 8GB DDR4 | Windows 10 Home | ASUS Vivobook 15 

Intel Core™ i7-3520M | GT 630M | 16 GB Corsair Vengeance DDR3 | Samsung 850 EVO 250GB | macOS Mojave Lenovo IdeaPad P580

AMD Phenom™ II X2 550 @ 3.10GHz | Gigabyte GA-MA785GM-US2H | XFX Radeon HD 4870 | 4GB Corsair XMS2 | 250GB WD SATA | Thermaltake TR2 500W | Windows 7 Ultimate | Kali Linux

Samsung Galaxy A5 2017 (8.0) | iPad Mini (iOS 8.4) 

Link to post
Share on other sites

>Not having customer data encrypted

 

How?!


Please tag me if you need assistance or if you want me to contribute to a topic 

 

ASUS RoG STRIX GL502VM

Intel Core i7 7700HQ | GeForce GTX 1060 6GB | 16GB DDR4-2133 | 128GB SanDisk M.2 SATA SSD + 1TB 7200RPM Hitachi HDD | 15.6" 1080p IPS monitor @ 60Hz w/ G-SYNC | Windows 10 64-bit

 

Samsung Galaxy Note8 SM-N950F

Exynos 8895 (4x Mongoose @ 2.3GHz, 4x Cortex A53 @ 1.7GHz)ARM Mali G71 MP20 | 6GB LPDDR4 | 64GB Samsung NAND flash w/ UFS 2.1 dual-lane controller + 128GB SanDisk C10 UHS-I microSD | 6.3" 1440p "Infinity Display" AMOLED | Android Nougat 7.1.1 w/ Samsung Experience 8.5

Link to post
Share on other sites

NCIX was a major seller to various BC Government and Government of Canada, IT Departments. If this is true, I expect to see some fairly spectacular fireworks.

I say "if" because at current we only have one source of this information.

Link to post
Share on other sites

People need to remember, data breaches/leaks like this do not only occur just from businesses shutting down or going bankrupt, but also routine upgrades and hardware refreshes.

 

As someone who regularly purchases Enterprise-class IT hardware from Canadian Government auctions, there's been a number of occasions where sensitive/damaging data hasn't been wiped from drives or flash memory of networking gear has not been cleared. 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×