Example NaN Of Poor Security Practices
Background
I needed some specific bank statements from my bank to send to someone else for a transactional record. π¦
How The Process Went
Called my bank to request the specific statements as pdfs. (yep. called.) βοΈ
My bank said they would send me the encrypted pdfs via email and send me the password separately via the online banking communication system. Ok cool, thatβs easy enough. Also, thanks for not sending my personal banking info as clear text through email! π§ π
Received the emails in my email, and they opened right up.. No password needed. Hmm. Ok, well, I guess they forgot to actually encrypt them..? Nice. π€·ββοΈ
I forwarded the pdfs along to the party that needed them and assumed I was done. I then got a reply from them asking for βthe password to unlock the pdfs.β WTF?! π
No idea what they used to βencrypt the pdfβ but apparently that security only goes as far as the Windows operating system and does absolutely nothing when it comes to viewing the pdfs on a Mac via Preview, Quick Look, PDF Expert, or any other pdf viewer you can think of. π€¦ββοΈ
As usual, security is given the least emphasis and lowest budget when it comes to securing our personal data. π‘