Used Scanner Found with Thousands of Stored Check Images

The Canon document scanner could have been a gold mine for identity thieves

2 min read
Used Scanner Found with Thousands of Stored Check Images

Regular readers may recall that in December I blogged about copier, printer and multifunction device security. In an interview, Dennis Amorosano, a senior director of Canon USA, argued that commercial and government organizations routinely neglect to secure such devices. Another story surfaced last weekend that reemphasized his point.

According to The Hook, a Charlottesville, Virginia newspaper, an employee at the University of Virginia Claude Moore Health Sciences Library bought a surplus Canon document scanner (CD-4050N) on eBay for $500. He wanted to use it for some archival work.

However, this person quickly discovered that the scanner's drive had not been wiped clean, and that it contained images of thousands of personal and business checks, one as large $500,000. A Canon brochure on the scanner says that its local disk drive can hold up to 20,000 pages of material which "...are easily retrieved on a local or remote PC."

As it turns out, that the scanner had previously belonged to North Carolina State University  where it "had been used in the University cashier's office to copy and endorse incoming checks from June 2004 until April 2006."

I wonder what a skilled (or even not so skilled)  identity thief could do if you gave them a copy of a personal or business check with name, address, a signature, in some cases a social security number or telephone number and, of course, detailed bank account information as starting material.

In this case, the scanner-buyer returned it to NC State, which is now in the process of notifying those persons and organizations that had their checks and other documents scanned on the copier. NC State told the Hook that its "staff followed the surplus protocol at the time before it was understood that copiers and this kind of scanner held information in its memory."

NC State didn't indicate whether it was also trying to discover if any other document scanners it sold as surplus might also have followed the same surplus protocol.

By the way, if you Google "Canon CD-4050N," you will quickly find many on eBay or Craigslist clearly listed for sale as a "used check/document scanner." I wonder: How many of those also contain thousands of check images on their hard drives?

The Conversation (0)

How the FCC Settles Radio-Spectrum Turf Wars

Remember the 5G-airport controversy? Here’s how such disputes play out

11 min read
This photo shows a man in the basket of a cherry picker working on an antenna as an airliner passes overhead.

The airline and cellular-phone industries have been at loggerheads over the possibility that 5G transmissions from antennas such as this one, located at Los Angeles International Airport, could interfere with the radar altimeters used in aircraft.

Patrick T. Fallon/AFP/Getty Images

You’ve no doubt seen the scary headlines: Will 5G Cause Planes to Crash? They appeared late last year, after the U.S. Federal Aviation Administration warned that new 5G services from AT&T and Verizon might interfere with the radar altimeters that airplane pilots rely on to land safely. Not true, said AT&T and Verizon, with the backing of the U.S. Federal Communications Commission, which had authorized 5G. The altimeters are safe, they maintained. Air travelers didn’t know what to believe.

Another recent FCC decision had also created a controversy about public safety: okaying Wi-Fi devices in a 6-gigahertz frequency band long used by point-to-point microwave systems to carry safety-critical data. The microwave operators predicted that the Wi-Fi devices would disrupt their systems; the Wi-Fi interests insisted they would not. (As an attorney, I represented a microwave-industry group in the ensuing legal dispute.)

Keep Reading ↓Show less