Some Japanese universities found out the hard way about the risks of networked multifunction printers:
Personal information on students and other university members, which is read by and stored in all-in-one machines at the University of Tokyo and two other universities, was left accessible to the public via the Internet, it has been learned.
The documents whose data was stored in multifunction machines—which can function as a printer, copier, fax machine and scanner—included residence certificates, examination papers and a scholarship application form, according to Yomiuri Shimbun research.
A total of 264 people, mostly university students, have been affected by the case.
Most all-in-one machines currently marketed by electronics manufacturers are designed for online connection. Data stored in such equipment can be accessed and browsed from outside if their default settings are kept intact. “We didn’t know such a mechanism existed,” a university official said.
«Electronics makers have made rapid progress in expanding the versatility of photocopiers, but they are barely aware of the importance of information security. They should adequately tell users there’s an increasing danger [involved in using multifunction machines] due to a growing number of malicious attackers now», – said Prof. Seiichi Shin, an information security expert at the University of Electro-Communications.
The institutions affected by the case are the Institute of Medical Science at the University of Tokyo, Tohoku University and the University of the Ryukyus.
