SEM Surpasses Expectations in Steps for Vets Event Ahead of Memorial Day

June 2, 2025 at 1:24 pm by Amanda Canale

Security Engineered Machinery (SEM), a leading provider of high-security data destruction solutions, announced the successful conclusion of its Steps for Vets event, which was held the week leading up to Memorial Day. The initiative, which encouraged employees and participants to collectively track their steps, raised awareness and support for veterans’ causes.

Steps for Vets is a 5k fundraising event organized by U.S. Vets, one of the nation’s largest nonprofit organizations dedicated to ending homelessness among veterans. Participants have the option to walk, run, or roll at their own pace, both at in-person events or remotely. The annual event encourages participants to track their steps, promoting physical wellness while raising awareness and funds to support U.S. Vets’ mission to provide critical services, housing, and support to veterans in need.

The event was brought to SEM’s attention by the company’s Culture Committee, an employee-led group dedicated to fostering community engagement, planning company-wide events, and supporting philanthropic initiatives.

“As a veteran-founded company, supporting causes that benefit our nation’s veterans is deeply personal to us—especially around Memorial Day,” said Steve Watson, SEM Culture Committee President. “The Steps for Vets initiative was a meaningful opportunity for our team to come together in support of those who have served.”

SEM’s collective participation helped surpass the initial goal of 100,000 total steps, reaching more than 217,000 steps, with contributions from SEM employees and management. Team members joined the initiative from all over the country; from their Westborough and Hudson, MA facilities, remote sales team, and traveling service technicians.

Founded in 1967, SEM is a veteran-founded organization with a deep commitment to supporting the military community. The Steps for Vets event, held in conjunction with Memorial Day, provided SEM with a meaningful opportunity to honor the sacrifices of service members while promoting physical activity and community engagement during a time when individuals and organizations across the nation reflect on and pay tribute to those who have served. SEM’s participation in this initiative demonstrates their dedication to supporting those who have served in the military, as well as its broader corporate social responsibility efforts.

The funds raised during the event will go toward supporting veteran-focused charities, providing much-needed assistance to those who have served the country.

“It was incredibly rewarding to see such enthusiastic participation from our team, with over 217,000 steps logged—more than doubling our original goal,” says Andrew Kelleher, SEM President. “Together, we’ve shown the power of collective effort and our ongoing commitment to supporting those who have served our country.”

For more information on SEM, please visit www.semshred.com.

About U.S. Vets

U.S. Vets is one of the largest nonprofit organizations dedicated to ending homelessness among veterans. With programs in cities across the United States, U.S. Vets provides critical services such as housing, employment assistance, mental health support, and case management to help veterans transition successfully to civilian life. To learn more, visit usvets.org

SEM Reinforces Environmental Commitment with Annual Earth Day Cleanup Effort

April 22, 2025 at 4:22 pm by Amanda Canale

In honor of Earth Day 2025, Security Engineered Machinery Co., Inc. (SEM), a global leader in high security information end-of-life solutions, organized a community cleanup effort on Thursday, April 17, 2025, near its corporate headquarters on Walkup Drive in Westborough, Massachusetts.

Now in its third consecutive year, the annual Earth Day event was a joint initiative between SEM’s Culture Committee and its ISO 14001 Task Force. Together, the teams engaged employees in a hands-on cleanup to support SEM’s ongoing commitment to environmental responsibility and community involvement.

SEM team geared up to begin neighborhood cleanup

“At SEM, we take great pride in being a responsible corporate citizen, and that includes doing our part to protect the environment,” said Andrew Kelleher, President of SEM. “This Earth Day initiative is more than just a cleanup—it’s a reflection of our values and our commitment to continuous improvement, both in our operations and in our community. I’m proud of our team for showing up with such enthusiasm and making a positive impact right here in Westborough.”

SEM employees, from both the Westborough and Hudson locations, participated in the event, collecting litter along Walkup Drive. The company worked in collaboration with the Westborough Department of Public Works to supply waste bags and ensure proper disposal of the collected debris.

“Our environment gets very polluted with trash, especially over the winter months, so doing our part with some spring cleaning is a necessity to the entire SEM team,” said Steve Watson of SEM’s Culture Committee. “It’s an honor to partner with SEM’s ISO Team and see so many people come together for this important event, which is now in its third year. This is one of the most meaningful events on the SEM calendar, and we look forward to continuing and building on this annual tradition.”

green paper shredder

ISO 14001 is an internationally recognized standard for environmental management systems, providing a framework for organizations to minimize their environmental impact, comply with applicable regulations, and drive continuous improvement.

SEM’s Earth Day cleanup joins a list of long-standing corporate philanthropic efforts, including seasonal food drives and annual toy donations.

For more information on SEM’s corporate social responsibilities, please visit https://www.semshred.com/company/corporate-social-responsibility/.

SEM Introduces New 2mm Optical Media Shredder

June 18, 2024 at 8:00 am by Amanda Canale

Security Engineered Machinery Co., Inc. (SEM), global leader in classified and high security data destruction, is pleased to announce that its new Model OMD2X2 Optical Shredder has been evaluated by NSA/CSS and meets the requirements of NSA/CSS Specifications for Optical Destruction Devices following the NSA/CSS 9-12 Device Declassification Policy Manual. 

This cutting-edge device was specially designed and evaluated for the destruction of classified compact discs (CDs), digital versatile discs (DVDs), and Blu-ray discs (BDs). This cutting-edge device is now listed on the NSA/CSS EPL for Optical Destruction Devices and was specially designed for the destruction of classified compact discs (CDs), digital versatile discs (DVDs), and Blu-ray discs (BDs).

The Model OMD2X2 was designed for maximum efficiency and ease of use while destroying CDs, DVDs, and BDs alike down to a consistent 2mm x 2mm final particle size, regardless of the disk type, ensuring SEM would be able to provide an optical solution for the federal government. The device can shred at high volumes of hundreds of discs per hour.

“The creation of the Model OMD2X2 is a testament to SEM’s long-term commitment to innovation and security when it comes to data destruction solutions,” says Andrew Kelleher, SEM President. “With the ability to shred optical media to a final particle that meets the NSA requirements for optical destruction, we are providing our customers with the peace of mind that their data is secure beyond the latest mandate.” 

The Model OMD2X2 is an ideal solution for government agencies and entities and any organization requiring high security data destruction. Equipped with an auto-oiler and a large internal waste collection bin, the device prevents users from needing to routinely oil the machine manually, and allows for more shredding before changing bags, making the Model OMD2X2 a low maintenance destruction option. 

“Our advanced shredder ensures that sensitive information stored on optical media is irretrievably destroyed, providing the highest level of data security available,” says Todd Busic, SEM Vice President of Sales. “By introducing this new product, SEM continues to lead the industry in providing state-of-the-art data destruction solutions.”

For more information on the Model OMD2X2, visit https://www.semshred.com/explore-model-omd2x2/

 

SEM Gives Back to Community with Annual Food Drive

November 28, 2023 at 8:00 am by Amanda Canale

WESTBOROUGH, MA November 20, 2023 – Security Engineered Machinery Co., Inc. (SEM) has completed their annual mission of donating non-perishable food to the Worcester County Food Bank (WCFB)

The Worcester County Food Bank is one of only three Feeding America member food banks in the entire state of Massachusetts. In 2018 alone, the WCFB was able to distribute nearly 6.1 million lbs. of food to approximately 75,000 people throughout the county. 

In the true essence of Thanksgiving, SEM employees have united year after year to collect non-perishable food items to make a meaningful impact on their local community. The initiative is a testament to the company’s commitment to corporate social responsibility and fostering a sense of community.

The company-led food drive kicked off on November 6 and continued until November 17. Employees from various departments, both remote and local to the Westborough headquarters, enthusiastically embraced the opportunity and were able to gather 527 lbs. of food for the local food bank.

“As we approach Thanksgiving, we are reminded of the importance of gratitude and compassion,” says Amanda Canale, SEM Marketing Coordinator. “At SEM, we believe in the power of collective action and are so proud to be able to contribute to our local community, ensuring that no one goes hungry during the holiday season.”

The annual food drive is just one of a handful of philanthropic initiatives the company takes part in every year. 

“Our employees have always wholeheartedly embraced each opportunity to give back, which is something we have always been extremely proud of,” says Andrew Kelleher, SEM President. “Knowing that our efforts will make a difference in someone’s Thanksgiving celebration is truly heartwarming. We’re not just colleagues; we’re a family that cares about our community.”

SEM Celebrates Earth Day with Neighborhood Cleanup

May 16, 2023 at 7:30 am by Amanda Canale

WESTBOROUGH, MA May 5, 2023 – Security Engineered Machinery Co., Inc. (SEM), global leader in high security information end-of-life solutions, spent Thursday, April 27, 2023 walking up and down Walkup Drive in Westborough, MA, where their headquarters are located, picking up trash. 

The SEM Culture Committee, a group of voluntary employees that plan interactive philanthropic and team-building activities, partnered with the company’s ISO 14001 task force to collaborate on an event to honor Earth Day, an annually recognized day centered around environmental protection celebrated on April 22. 

“At SEM, we are committed to protecting our environment in a multitude of ways,” says Lara Rapport, SEM Director of Quality. “Our ISO 14001 certification as just the tip of the iceberg when it comes to the continuous improvements we make in order to be as sustainable and environmentally conscious as possible.”

ISO 14001 is a familial set of standards developed in the mid-1990s to help organizations minimize how their operations negatively affect the environment (or cause adverse changes in air, water, or land), educating the organization on how to comply with applicable laws, regulations, and other environmental standards, and how they can sustain their efforts.

“Our cleanup initiative was something that our two groups had collaborated on as a way to not only educate our team on our ISO 14001 efforts, but also to really drive home the message that we can make serious change when it comes to our local environment,” says Amanda Canale, SEM Marketing Coordinator. 

The two teams worked closely with the Westborough Department of Public Works to coordinate the delivery of empty waste bags and the pickup of the collected trash. The cleanup event saw an attendance of over twenty employees, including company president, Andrew Kelleher. The cleanup activity is just the latest in the company’s detailed history of giving back to their local community, adding itself amongst the annual food bank and toy donations, and Operation Playhouse. 

“We have always prioritized events and activities that are both interactive and morale-boosting, and serve a philanthropic purpose, and this one was our most well-received yet. We will be making this an annual SEM tradition,” states Rapport.

For more information on Security Engineered Machinery’s environmental policy, visit here. 

Paper Shred Sizes (and What They Mean)

March 30, 2023 at 2:14 pm by Amanda Canale

When destroying any end-of-life data, whether it be paper, hard drives, solid state drives, or other forms of media, there are very strict guidelines and laws that address how classified, top secret, and controlled unclassified information (CUI) should be disposed and securely destroyed. These requirements are determined by the National Security Agency (NSA) and the National Institute of Standards and Technology (NIST). 

For further context, the NSA mandates specific final particle sizes for top secret and/or classified data, regardless of the media form. They then evaluate and list end-of-life data destruction solutions that follow these mandates for destruction. (For a list of media destructions solutions evaluated and listed by the NSA, click here, and for more information what each data classification type really means, click here.)

While the federal government and government organizations are strict when it comes to how one should destroy end-of-life information, commercial companies and industries like healthcare, finance, banking, and more, are less stringent with their destruction instructions, with some left open to interpretation. 

Enter the DIN Standards. Also known as Deutsches Institut für Normung, DIN originated at the German Institute for Standardization in 1917 as a non-government organization that serves as the national standard when it comes to improving the rationalization, safety, environmental protection, and quality assurance between the government and the public. DIN is not often mandated but their guidelines serve as a widely accepted global standard while providing clarity to otherwise vague end-of-life information destruction mandates. 

DIN 66399 standards specifically provide end-of-life destruction particle size guidelines for information that resides on a wide range of media – including paper – and that specifies protection categories. (You can find more in-depth information about DIN standards here.) 

Even as we get further and further into the Digital Age, there is still such a high demand for paper. Some may say that paper is dead, but we know that paper will never really be dead. While the industries I listed above are not holding government secrets, they still store a lot of their sensitive and unclassified information on paper; information that needs to be securely destroyed or could result in severe consequences if it lands in the wrong hands.

Now that you have all of this background information, let’s get into why you’re here – what constitutes as a secure paper shred size? 

Seven Specific Security Levels 

P = Paper media requirements

Protection Category

Media Paper

Security Level

Security Level Particle Size Requirement

Class 1

P

1

12mm strips or maximum particle surface area of 2,000mm²

Class 1

P

2

6mm strips or maximum particle surface area of 800mm²

Class 1

P

3

2mm strips or maximum particle surface area of 320mm²

Class 2

P

4

Maximum cross-cut particle surface area of 160mm² with a maximum strip width of 6mm = 6 x 25mm

Class 2

P

5

Maximum cross-cut particle surface area of 30mm² with a maximum strip width of 2mm = 2 x 15mm

Class 3

P

6

Maximum cross-cut particle surface area of 10mm² with a maximum strip width of 1mm = 1 x 10mm

Class 3

P

7

Maximum cross-cut particle surface area of 5mm² with a maximum strip width of 1mm = 1 x 5mm

Here’s what each of these security levels look like:

DIN Level P-2 Paper Shred with penny for size comparison
DIN Level P-2 Paper Shred
DIN Level P-3 Paper Shred with penny for size comparison
DIN Level P-3 Paper Shred
DIN Level P-4 Paper Shred with penny for size comparison
DIN Level P-4 Paper Shred
DIN Level P-5 Paper Shred with penny for size comparison
DIN Level P-5 Paper Shred
DIN Level P-6 Paper Shred with penny for size comparison
DIN Level P-6 Paper Shred
DIN Level P-7 Paper Shred with penny for size comparison
DIN Level P-7 Paper Shred
DIN Level P-7+ Paper Shred with penny for size comparison
DIN Level P-7+ Paper Shred, a 50% smaller particle size than NSA mandate for paper, produced by SEM Model 344.

As you can tell based on the table and photos above, P7 is the smallest, most secure particle size (aside from the 0.8mm x 2.5mm particle from our Model 344, which is half the size mandated by the NSA for classified paper). Essentially, the smaller the particle, the harder it is to put back together. 

Why would you want to put a bunch of paper shreds back together? To get top secret information, of course! 

Allow us to introduce the DARPA Shredder Challenge. The challenge was created by a research and development agency of the U.S. Department of Defense back in 2011. The DoD invited top computer scientists and puzzle enthusiasts to essentially reconstruct paper shreds for a grand prize. 

The challenge ended when the winning team, who went by the name, “All Your Shreds Belong to US”, created an algorithm that automatically reconstructed the 10,000 pieces of paper based on various physical aspects of the shred, such as shred angle, shred size, and paper marks. Other teams used strategies ranging from crowdsourced-style methods to relying heavily on manual reconstruction. 

When it comes to end-of-life data destruction, it is always best to err on the side of caution. By opting for in-house data destruction methods, you and your company or agency are making the most cost-effective, safe, and secure decision. At SEM we have an array of high-quality NSA listed/CUI and unclassified paper shredders to meet any regulation and mandate, ensuring all of your end-of-life paper stays end-of-life. Any one of our exceptional sales team members are more than happy to help answer any questions you may have and help determine which machine will best meet your destruction needs.

Data Privacy Day

January 30, 2023 at 5:10 pm by Amanda Canale

Every year on 28 January, the National Cybersecurity Alliance (NCA) dedicates the entire week and 28 January specifically to bring awareness to the public on data protection and data security best practices. Even though we are diving deeper and deeper into the Digital Age, there’s still a large population of people who are not tech savvy, or frankly, even tech literate. The annual international campaign is called Data Privacy Day (DPD), and heavily focuses on educating people, both individuals and businesses, on how to comply with privacy laws and regulations. Moving forward, this will help the public know how they can better protect and manage their personally identifiable information (PII).

Millions of people across the globe are unaware of the various ways their PII is being used, collected, and shared, with many not knowing it’s also being sold by third parties. It’s this reality specifically why the NCA targets anyone with any sort of online presence. How did Data Privacy Day get its start? This internationally recognized day was initially established in 2008 in North America as an extension of Data Protection Day in Europe, which has been in effect since 1981. It is the first legally binding international treaty to recognize data privacy concerns. 

Last year, the NCA expanded Data Privacy Day into a week-long initiative called Data Privacy Week. The week-long campaign, lasting from 24-28 January, is filled with various steps, goals, and webinars individuals and organizations alike can make and attend as a way of encouraging transparency about how their PII is being used. 

You can find a full list of Data Privacy Week events here on the NCA’s website. Below, we break down the major takeaways both individuals and organizations should take from the week-long event.

Data: The Story of You

While you may not think your information is important or valuable, there are plenty of people out there who would do almost anything to obtain it. When it comes to keeping our PII and personal health information (PHI) safe, it is crucial to think of your personal data as the most valuable thing you own. If you were hiding some flashy, expensive, and highly coveted family heirloom, you would do anything to protect it, right? Think of your personal information as that heirloom; it is the most precious thing you have. Critical information such as your IP address, purchase history, and location can offer hackers a wealth of knowledge as to your income, spending habits, card information, and where you live. 

Know what to expect in the privacy/convenience tradeoff

Think about the last time you downloaded an app. What kind of information did you have to grant the app access to in order to use it? Share your geographic location? Grant access to your contacts and photo albums? For example, why does a puzzle app need access to my contacts and location in order for me to play? By allowing access to these very personal and private forms of information, you may be offering up much more than necessary.

When releasing or posting any private or personal information, it is best to make informed decisions on what you should do: weigh whether or not the information they are asking for is really necessary, how the benefits weigh against the tradeoff, and, honestly, if you really need the app at all. 

Adjust your privacy settings

If you decide to deem that puzzle app worthy of your phone storage and time, try to take an extra moment or two to review the app’s privacy and security settings, and adjust them to your comfort level as necessary. (I know, who even reads an app’s Terms and Agreements anymore, right? Wrong! You should!) While you’re at it, delete those apps you no longer use. In addition to taking up useless storage on your phone, they could also still be collecting data about you and your habits. 

You can get a head start with NCA’s Manage Your Privacy Settings page to get more information.

Protect your data

While data privacy and data security are not interchangeable, they are in fact a packaged deal. By adopting these practices, such as creating long and intricate passwords, utilizing multi-factor authentication when possible, and using a password manager you can continue to keep your passwords and information secure and up to date. 

Organization Level: Respect Privacy

As an organization, your consumers’ and customers’ private data should be your utmost concern. By respecting their data and being transparent, an organization instills trust which will in turn enhance reputations and company growth. 

Conduct an assessment

In a “post-COVID” world, more than 15% of total U.S. job opportunities are now remote. Regardless of if your organization operates fully remote, in a hybrid model, or is even located outside of the continental United States, it is important to understand the privacy laws and regulations in which your business operates and to ensure they are being followed. Especially when working with remote or hybrid employees, it’s best to reevaluate your security measures, access to individuals’ personal information, what that personal information may be and if it is still relevant to keep on file, and to maintain oversight of any outside partners and vendors as well to ensure they are not misusing your consumers’ information. 

Adopt a privacy framework

By adopting a privacy framework that works best for you and your consumers, an organization can help mitigate potential risk and implement a privacy culture within your organization. The NCA recommends reviewing the following frameworks to start: NIST Privacy FrameworkAICPA Privacy Management Framework, and ISO/IEC 27701 – International Standard for Privacy Information Management.

Educate employees

By creating an office culture surrounded by data privacy and data security, you are educating your employees on not only how to keep their personal information safe but how to better serve your consumers and their information. Engage staff by asking them how they view your current privacy culture, implement mandatory training and webinars, and consistently assess your current standards. 

In addition to these methods, transparency about how your collect, use, and share consumer information is crucial. Be up front and honest with your clients, users, or consumers about what they can expect their information to be used for and offer them other settings to protect their information by default.

And lastly, when your information-bearing media reaches end-of-life — whether hard drives, portable IT storage, or even paper — securely destroy it to prevent leaks and data breaches down the road.

SEM Introduces NSA EPL Listed High Security Solid State Disintegrator

January 24, 2023 at 8:00 am by Amanda Canale

Security Engineered Machinery Co., Inc. (SEM), global leader in high security information end-of-life solutions, is pleased to announce that its new Model SSD2-HS high security solid state disintegrator meets the requirements of NSA/CSS 9-12 Storage Device Declassification Policy Manual. This revolutionary device is now listed on the NSA/CSS EPL and was specifically designed for the destruction of classified and highly sensitive solid state media and devices, producing an NSA mandated 2mm squared final particle size. 

“The SEM Model SSD2-HS is an exciting new addition to our long line of disintegrator devices and fills a large void within the intelligence community when it comes to classified SSD destruction,” commented Todd Busic, SEM Vice President of Sales. “This NSA listed device incorporates technologies to mitigate jams and increase operator health and safety via HEPA filters, making the SSD2-HS an industry first.”

The NSA states that in order for a solid state disintegrator to be NSA/CSS listed, it must be able to “reduce any solid state storage device to a maximum edge size of 2 millimeter or less” (NSA.Gov), making the SEM Model SSD2-HS a viable option for the destruction of end-of-life classified solid state material.

The Model SSD2-HS disintegrator has the power to cut through multiple steel plates, carriers, and other drives. The model’s dual stage cutting system features an auto unjam in both stages, robust safety features, and premium sound proofing. Together, the model’s dual stage cutting system combined with the solid steel rotor and cutting blades efficiently destroy multiple SSD-type devices.  

“The Model SSD2-HS is a state-of-the-art, clean, and revolutionary device that ensures the secure end-of-life destruction of any and all solid state devices,” commented Andrew Kelleher, SEM President and CEO. “Our engineers have been working tirelessly on this product and the device performance reflects that. Whether it’s laptop boards, thumb drives, or other memory modules, this machine can destroy it.”

In addition to powerful steel rotors, the device is equipped with premium sound dampening insulation, a waste evacuation system with high efficiency particulate filtration and external vacuum, and other features to ensure optimal operator and environmental health and safety.

“SEM has long been an innovator of high security information destruction technology and the new SSD2-HS continues that tradition of excellence,” noted Busic.

For more information on the Model SSD2-HS, visit https://www.semshred.com/explore-model-ssd2-hs/. 

Cybersecurity Awareness Month

September 29, 2022 at 7:27 pm by Amanda Canale

In 2004, the U.S. President and Congress declared Cybersecurity Awareness Month to be held every October. This would heavily encourage, educate, and assist citizens in staying safe online and teach them how to protect their information. Every year, the NCSA creates an engaging and informative campaign in order to raise awareness about cybersecurity and this year’s theme is “See Yourself in Cyber.”

Enable Multi-Factor Authentication

While data privacy and data security are not interchangeable, they are in fact a packaged deal. Implement and enforce best practices such as creating long and intricate passwords and utilizing multi-factor authentication when possible. What is multi-factor authentication? It’s just adding one more small step of the login process. 

First step: log in as usual. 

Second step: complete a second task to confirm your identity. (Think of it as bringing your license and a recent utility bill to confirm your identity at the bank.)  

The second step in the multi-factor authentication process is usually providing a special PIN code that was texted or emailed to you, or opening an authentication app. This is just an extra layer of security you can use when accessing sensitive information.

 

Use Strong Passwords

Verizon Data Breach Investigations found in a 2020 study that approximately 81% of all data breaches are caused by hackers easily accessing their sought after accounts. How are they able to easily access them, you ask? Two words: weak passwords. 

When companies, managers, and individuals fail to adhere to password guidelines, do not offer password training to your team and fail to educate themselves, and forgo multi-factor authentication procedures, businesses continue to put their cybersecurity at risk.

If you’re now second guessing your own passwords, good. If you’re not, we’re judging you a bit. (Don’t worry, we won’t leave you stranded.) Weak passwords are any sort of phrase or term that is common, short, and/or predictable such as the owner’s name, birthday, or the literal word, “password.” Instead, experiment with a longer password made up of a mix of upper and lowercase letters, numbers, and symbols to help keep your password and data safe. Essentially, the more complex the password, the harder it is for cybercriminals to hack your information.

 

Recognize and Report Phishing

We’re all humans and we all make mistakes. It’s inevitable! Unfortunately, mistakes have consequences. According to a 2019 study, more than 80% of reported data security incidents were caused by phishing attacks. When you interact with a suspicious email link, an attachment, and even senders, your risk of falling victim of a phishing scam rises every time. In today’s modern digital age, hackers have become upped the creativity when it comes to these sneaky scams. If an email or email address looks a bit off to you, it’s always best to either delete or send to your IT department to investigate.

Update Your Software

Regardless of the industry you’re in or kind of organization, having up-to-date, proper cybersecurity protocols and methods in place (in addition to proper in-house end-of-life data destruction!) should always be a priority. It is far too easy for hackers to access and steal sensitive data when your cybersecurity software is not up to date. Check with your business’s IT department or do your own research to make sure you are not ignoring any updates or downloading unauthorized software. It’s also important to note that one should never disable their software’s security features, especially if it is on a work-issued computer or laptop. Your online shopping can wait until you are in the safety of your own protected network and home.

To find out more about Cybersecurity Awareness Month, visit their website here.

Infamous Casino Data Breaches

July 7, 2022 at 6:13 pm by Amanda Canale

While many industries were negatively impacted by the 2019 coronavirus pandemic, one industry not only survived, but thrived: the commercial gambling industry. The casino and commercial gambling industry made approximately $44 billion in 2021, shattering their previous 2019 record. Given this major spike, experts are predicting that the gambling industry will become a neon target for future thieves and cyberattacks.

In our previous blog, Just How Secure Are Casinos?, we broke down the varying security measures casinos take in the form of RFID software located in playing chips, license plate recognition, and other advanced software to ensure that no stealing or cheating occurs. Fortunately, this advanced technology allows the casinos to remotely render chips and other materials worthless if someone were to steal them and allows personnel to have eyes on gamblers at all times.

However, unfortunately, these measures do not completely prevent casinos from being hacked. We’ve broken down a few of the more infamous casino data breachers below and included best practices to ensure that your data stays protected.

Clubillion

In summer 2020, the gambling app, Clubillion, found that their database had been “leaking data” from millions of the app’s customers. The app was contacted on March 23, 2020 but the database was not secured until April 5, 2020. What makes this data breach different than other similar data breaches is that the database was updated with up to 50GB (or 200 million records) worth of information daily. These records logged every player’s actions, their personally identifiable information (PII), private messages, and even IP addresses.

A rep from Clubillion stated that, “on a single day, tens of thousands of individual Clubillion players were exposed.” In addition to a loss in reputation and customers, the popular gabling app may be subjected to other scrutiny and fines from GDPR regulators and GooglePlay and app stores.

Slot Machine One Handed Bandit Game. Rolling Drums. Casinos and Gambling Industry.

Federal Group

In April 2021, Tasmanian casino operator, Federal Group, found themselves in the midst of a cyberattack after their pokies machines (otherwise known as slot machines) and hotel booking systems began to malfunction. At the time of the breach, the casino group was unsure if credit card details stored in the hotel booking system were also compromised and have yet to publicly release that information.

International privacy and security consultant, Terry Aulich, stated that he was “extremely disappointed” with the business’ cyber defenses and warned other Tasmanian organizations to learn from Federal Group’s mistakes. Between Federal Group’s two casinos, patrons had spent upwards of $53.7 million on pokies in the eight months leading up to the breach. 

MGM Resorts International

MGM Resorts International became the victims of a data breach in summer 2019, but it was not made public until February 2020 after a third party published an article detailing the breach. The breach had compromised the records of over 10.6 million guests dating back from 2017. The cyberattackers were able to hack into the resort’s cloud server and then was posted to a public hacking forum. 

Guest PII such as full name, home and email addresses, phone numbers, and birthdates had all been breached, but luckily did not include financial or payment card information. The breach wasn’t also just limited to guests; victims ranged from tourists and travelers, to media reporters and journalists, to company executives and employees. 

At SEM, we offer secure, in-house destruction. With our low and high volume disintegrator solutions, casino materials and solid state boards can be easily destroyed to a predetermined and consistent particle size. As we know, casinos house a lot of sensitive information regarding personnel, patrons, financial information, and advanced technology that should be secured, even in end-of-life. 

Depending on the needs of the casino, SEM has every device necessary to properly and efficiently disintegrate chips as intended since our inception in 1967. Any one of our exceptional sales team members are more than happy to help answer any questions you may have and help determine which machine will best meet your destruction needs.

For more information on our casino solutions, visit our website here