|
Mae Wong
- The Associated Press
SAN JOSE, Calif. - Consumers are bombarded with warnings
about identity theft. Publicized threats range from mailbox
thieves and lost laptops to the higher-tech methods of e-mail scams
and corporate data invasions.
Now,
experts are warning that photocopiers could be a culprit as well.
That's
because most digital copiers manufactured in the past five years have
disk drives- the same kind of data-storage mechanism found in
computers to reproduce documents. As a result, the seemingly
innocuous machines that are commonly used to spit copies of tax
returns for millions of Americans can retain the data being scanned.
If the data on the copiers disk aren't protected with incription or an
overwrite mechanism, and if someone with malicious motives gets access
to the machine, industry experts say sensitive information from
original documents could get into the wrong hands.
Some
copier makers are now adding security features, but many of the
digital machines already found in public venues or business offices
are likely still open targets, said Ed McLaughlin, President of Sharp
Document Solutions Company of America. " You actually have a
better chance of winning 10 straight rolls of roulette then getting
those hard drives on copiers rewritten," he said.
Sharp
plans to issue a warning about photocopiers vulnerabilities today-
just ahead of tax time.
The
company, one of the leading makers of photocopiers, commissioned a
consumer survey that indicated more than half of Americans did
not know copiers carried this data security risk. The telephone
survey of 1,005 adults, conducted in January, also showed that 55
percent of Americans plan to make photocopies and printouts of their
tax returns and related documents.
Of
that segment, half planned to make copies outside their homes- at
offices, libraries and copy shops. An additional 13 percent said
they plan to have their tax prepares makes copies.
Although industry and security experts were unable to point to any
known incidents of identity thieves using copiers to steal
information, they said the potential was very real. "It is a
valid concern and most people don't know about it," said Kieth Kmetz,
analyst at market researcher IDC. " Copying wasn't like this
before."
Added
Paul DeMatteis, a security consultant and teacher at the John Jay
College of Criminal Justice at the City University of New York:
" we know there are bad people out there. Just because this is
difficult to detect doesn't mean it isn't being exploited."
Daniel Katz-Braunschweig, a chief consultant at DataIXL, a business
consulting firm, includes digital copiers among his list of data holes
corporations should try to protect. He couldn't specify names
but, said a few of his company clients did learn about the
vulnerability after their copiers were resold and the new owners- in
good faith- notified them of the data residing on the disks.
Sharp
was among the first to begin offering, a few years ago, a security kit
for its machines to encrypt and overwrite the images being scanned, so
that data aren't stored on the hard disks indefinitely. Xerox
Corp. said in October it would start making a similar security feature
standard across all of it's digital copiers.
Randy
Cusick, a technical marketing manager at Xerox, said many entities
dealing with sensitive information, such as government agencies,
financial institutions, and defense contractors, already have policies
in place to make sure copier disks themselves or the data stored on
them are secured or not unwittingly passed along in a machine resale.
Smaller businesses and everyday consumers are less likely to know
about the risk, but should, he said.
Sharp
recommends that consumers take precautions, such as asking their tax
preparers or the copy shops they are using about whether their copier
machines have data security installed.
|
