Old Fashioned Data Theft

Dave G. | November 5th, 2007 | Filed Under: Industry Punditry

On friday, The Register reported that CI Host, a Chicago-based co-lo was subjected to a burglary. This was not their first time.

In spite of “multiple layers of 24x7 security cameras, proximity card readers, biometric access controls and key pads, double-locking mantraps at data center entrance and 360-degree perimeter and roof surveillance”, CI Host was burglarized at least four times in the past 2 years.

In the most recent incident, “at least two masked intruders entered the suite after cutting into the reinforced walls with a power saw,” according to a letter C I Host officials sent customers. “During the robbery, C I Host’s night manager was repeatedly tazered and struck with a blunt instrument. After violently attacking the manager, the intruders stole equipment belonging to C I Host and its customers.” At least 20 data servers were stolen, said Patrick Camden, deputy director of news affairs for the Chicago Police Department

This might be the way of the future for mass credit card theft happens. I wonder how many individual credit cards are located in that facility? Or more importantly, on the servers that were plundered from that facility.

It’s 4:50PM do you know if your servers are still in your colo?

8 Comments so far

  • sigsegv

    November 5th, 2007 7:25 pm

    0wned.

  • dre

    November 5th, 2007 9:33 pm

    what, no mention of the layer-1 session hijacking advisory?

  • dre

    November 6th, 2007 3:21 am

    looks like 4chan has picked up on this

  • paul_one

    November 6th, 2007 8:16 am

    Erm, reinforced walls done-in with a ‘power saw’!?

    So you’re telling me this is, infact, a building made out of paper mache reinforced with what - balsa wood!?

  • Nate

    November 6th, 2007 2:07 pm

    Words added to quote: 30%

    You guys can do better than re-pimping slashdot links!

  • PaulM

    November 6th, 2007 5:32 pm

    This thing stinks to high heaven because:

    1) Hosting companies’ are notoriously bad at network security. Where is nearly all of the US-based malware served from? It rhymes with Cheerio. So we can eliminate data as the target, since it would have been easier and safer to steal data over the net.

    2) That was a lot of violence and physical risk to then steal a few hundred pounds of hardware. Why not knock over Lester Lampert or Tiffany? Pound-for-pound, jewelry is much more valuable than server hardware.

    Between that and the 4-times-in-2-years thing, I guess I smell an inside job or some other connection between CI Host and the burglars. Hell, look at what they took. The resale value of all this stuff is in the $10-20K range at best.

  • Nathan McFeters

    November 9th, 2007 12:09 pm

    And here I had thought that network security was the biggest risk in a colo env.

    Right here in me and Tom’s backyard in Chicago too. Crazy… freaking power saws… for some reason this makes me think of playing Doom.

  • blog.sudosu.net - A Weak Defense: Breakins at CIHost.com

    March 30th, 2008 4:20 am

    […] There’s very little payoff in stealing 20 servers (the amount stolen in the recent robbery) for the hardware value — this is most likely about stealing the DATA on the servers. Most people in the market for rackmount servers wouldn’t buy them off trucks, and so you’ve got a crime with serious time and very little payoff if they were stealing hardware. I wonder how much valuable data (including credit card numbers) was stored on those boxes? […]

    • Leave a reply