Is Sensitive Data Your New Carry On Luggage?

Sensitive data on unencrypted devices has become way too common these days, popping up in places they definitely shouldn’t be. We’ll get back to why such devices shouldn’t lack encryption in the first place, but it’s still shocking when you hear how a bundle of 500 GB hard drives picked up at a Netherlands airbase flea market just so happened to contain 15 GB of sensitive medical records for Dutch patients. The data originally belonged to Nortade ICT Solutions, a now defunct IT vendor for the healthcare industry based in the city of Breda.

Acquiring the lot unintentionally for a mere €5 (that’s $5.21 USD for any fellow math avoiders) each, the purchaser, a self-professed computer nerd whose passion involves technological tinkering, discovered health records from 2011-2019 in the sets.  Ironically, this individual also hails from Breda.  It just goes to show how sometimes a data breach can be found practically on one’s own doorstep.  He quickly discovered that pharmacy data, addresses, medication details, the Dutch equivalent of Social Security numbers, and more were included on the hard drives.

Who ensures the safety of sensitive patient data when the original company is out of business?  Once it’s out in the wild, this becomes virtually impossible.

Unsurprisingly, there are already data disposal laws in place in the Netherlands, requiring organizations that handle data to wipe medical information from storage devices, specifically by professional companies.  In this case, it seems Nortrade took the route of getting rid of the devices on their own, loaded and vulnerable, perhaps to bring in some extra profit: in short, the most irresponsible, insecure method of disposal.  Even smashing or otherwise breaking the drive would have provided more security to the patients whose data was exposed.  More egregious still, according to a Malwarebytes report, is the fact that an IT vendor like this had no business storing these records in the first place, let alone in unencrypted fashion. 

Of course, Nortrade eventually went out of business, but unless you consider that as some cosmic metaphysical repercussion for poor data hygiene, they managed to slide by irresponsibly without being held to account.  

If regulations are going to lack the teeth they had in years prior, it falls on regular individuals to demand safeguards against avenues to fraud and identity theft.  Calling on organizations like Nortrade to encrypt any valuable data on their devices is a must.  Indeed, encryption could have prevented this whole situation.  A strong solution, like NetLib Security’s Encryptionizer, ensures sensitive data that might turn up at a thrift store will be unreadable and useless on their discarded devices.  Installation and operation is a simple and straightforward process, and no additional programming is required on the client end to protect your devices, servers, applications and legacy systems.

You can easily carry on a free evaluation of NetLib Security’s powerful Encryptionizer platform for a test drive while you relax on your flight. Point and click and it does the work for you before the flight attendant even comes around with snacks. 

Still have questions? Reach out to us, and our team of experts will be happy to analyze your unique circumstances and offer personalized recommendations tailored to your specific needs and goals. Don’t miss this opportunity to gain a fresh perspective and explore potential avenues for improvement and growth. Don’t be like the Dutch healthcare vendor. Take your data security as seriously as we do.