Data security firm Blancco Technology Group recently conducted an experiment whereby they purchased 200 used data drives, then conducted a forensic analysis to determine whether they contained confidential/personally identifiable information.
The result? 67% contained personal information and 11% contained sensitive business data including emails, spreadsheets, social security numbers, strategic and planning information, and inventories. 36% showed evidence of attempted data deletion, although the “deleted” data was easily recovered in many cases.
Since many individuals and businesses often sell, repurpose or donate excess or depreciated equipment, this vulnerability is likely widespread. The study concludes that the resale of equipment without properly wiping the data (which means more than just using the “delete” function or moving files to the recycle bin) remains a common source of data breaches.
Sign up for a weekly email digest of my blog posts and articles.