34% of resold hard drives contain personal data, study reveals

Missile launchResearchers from BT and the University of Glamorgan are in the news today because they have found a disturbing number of hard drives sold on auction websites and at computer fairs contain sensitive information.

The study, conducted in the UK, United States, Germany, France and Australia, uncovered that 34% of the randomly purchased 300 drives contained personal data, including bank account and medical information that could be exploited for the purposes of identity theft.

In addition, details of test launch procedures for a ground-to-air missile defence system was found on a disk purchased on eBay.

We’ve discussed before the problem of people selling on used hardware like disk drives without properly wiping it. Last August, for instance, we revealed how details of bank customers was found on a hard drive sold on eBay for £35.

With sensitive data like this regularly resurfacing on used hard disks, I wouldn’t be surprised if old clapped out hard drives have a higher monetary value than brand spanking new ones. 🙁

If the data on your hard drive was properly encrypted, of course, then you wouldn’t need to worry about what happens next to your hardware – because the identity thief wouldn’t be able to detangle the gobbledygook.

Don’t make it easy for the criminals. If you’re dumping old hardware, make sure you dispose of it appropriately and ensure that any data contained on the drives is either securely wiped or was strongly encrypted in the first place.