Breaking News

Uber to Layoff 350 Employees PCI Express 6.0 Specification Revision 0.3 Complete NTT DOCOMO Introduces Passwordless Authentication for d ACCOUNT Harley-Davidson Stops LiveWire Production Google's USB-C Titan Security Keys Available in the US

logo

Sensitive Data Available For Sale On eBay

Sensitive Data Available For Sale On eBay

Enterprise & IT 0

Sensitive data has been found on 42% of hard drives purchased on eBay and analyzed by Ontrack for a Blancco Technology Group report.

The storage drives were purchased from eBay in the U.S., U.K., Germany and Finland. As well as the sensitive data, researchers also found personally identifiable information (PII) on 15% of the forensically analyzed drives.

Every eBay seller that the researchers interacted with insisted that proper data sanitization methods had been used to ensure no data was left on the drives before being offered for sale. The breadth of information that was recovered from these drives, however, suggests otherwise. One drive belonged to a software developer "with a high level of government security clearance" that still contained scanned images of family passports and birth certificates along with financial records. Other drives were found to have 5GB of archived internal office email from a major travel company, 3GB of data from a freight company including documents that detailed shipping schedules and truck registrations, university student papers and associated email addresses and school data that was comprised of photos and documents with pupil names and grades.

"Selling old hardware via an online marketplace might feel like a good option" Fredrik Forslund, vice-president of cloud and data erasure at Blancco, says, "but in reality it creates a serious risk of exposing dangerous levels of personal data." This risk is increased when the organizations disposing of these drives, and the companies selling them on eBay, are under the impression that all data has been securely erased as part of the hardware decommissioning process.

Historically, the best practice as far as wiping drives to preclude data leakage involved forensic tools that used high-powered magnets. However, that is of little use when Solid State Drives (SSDs) are involved as they employ integrated circuit assemblies as memory. In order to ensure certainty data cannot be recovered, physically destroying, or shredding, the drive is the answer.

Related Posts

0 Comments

Leave a Reply

More information about text formats

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.

BBCode

  • No HTML tags allowed.
  • You may use these tags: [abbr], [acronym], [b], [center], [code], [color], [define], [font], [h1], [h2], [h3], [h4], [h5], [h6], [hr], [i], [img], [justify], [left], [list], [node], [php], [quote], [right], [s], [size], [sub], [sup], [u], [url], [wikipedia], [youtube], [align], [link], [ol], [ul]
  • Lines and paragraphs break automatically.
CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.