Dumpster Dive Reveals Security Risk (case study)

Client Profile

Asset Holdings: $1.5 billion
Industry: Financial Institution
Geographic Footprint: 30+ locations in Kansas City metro

CBIZ conducts social engineering exercises to help pinpoint security weaknesses.Issue

Financial institutions are required to protect customer data and could face penalties if an issue is found with their information security. A bank wanted to proactively test its protocol for disposing of sensitive documents and enlisted CBIZ to help.


Our social engineering team waited until the end of business hours and then rummaged through the bank’s parking lot dumpster. Among the waste, we discovered documents that had been hand-torn into tiny squares and others that had been shredded vertically. We reassembled the documents and found secure customer emails that contained travel plans and valid system usernames and passwords.

These findings and others were compiled into a final report that also included recommendations for how the bank could mitigate its future risks. Using a third-party to shred and dispose of sensitive documents ranked among the bank’s top suggestions for ways to improve its information security procedures.


Information data breaches are only becoming more common and more expensive, with costs now estimated at more than $150 per compromised record. By addressing the loophole in its document disposal practices, the bank reduced its risk of a data breach and the ancillary consequences that come with it, such as regulatory penalties and damage to customer confidence.

Mitigate Your Risks

Learn more about how our team’s comprehensive social engineering assessments help you mitigate your key risks.

Download our case study

Copyright © 2016, CBIZ, Inc. All rights reserved. Contents of this publication may not be reproduced without the express written consent of CBIZ. This publication is distributed with the understanding that CBIZ is not rendering legal, accounting or other professional advice. The reader is advised to contact a tax professional prior to taking any action based upon this information. CBIZ assumes no liability whatsoever in connection with the use of this information and assumes no obligation to inform the reader of any changes in tax laws or other factors that could affect the information contained herein.

CBIZ MHM is the brand name for CBIZ MHM, LLC, a national professional services company providing tax, financial advisory and consulting services to individuals, tax-exempt organizations and a wide range of publicly-traded and privately-held companies. CBIZ MHM, LLC is a fully owned subsidiary of CBIZ, Inc. (NYSE: CBZ).

Dumpster Dive Reveals Security Risk (case study)A social engineering exercise that involved dumpster diving uncovered a security risk at a bank....2016-04-28T20:09:00-05:00

A social engineering exercise that involved dumpster diving uncovered a security risk at a bank.

Risk MitigationRisk Advisory Services