iTnews
  • Home
  • News
  • Technology
  • Security

Critical data found on second-hand hard drives

By René Millman on Aug 10, 2006 12:23PM

Organizations and individuals are still leaving critical data on disks later sold on through online auctions and computer fairs, according to a new study.

The research carried out by BT, the University of Glamorgan in Wales and Edith Cowan University in Australia found payroll information, mobile telephone numbers, copies of invoices, employee names and photos, IP addresses, network information, illicit audio and video files, financial details including bank and credit card accounts on hard drives purchased from a number of sources.

The research, based on more than 300 computer hard drives from U.K., North America, Germany and Australia, showed that while 41 percent of the disks were unreadable, 20 percent contained sufficient information to identify individuals, 5 percent held commercial information on organizations, and 5 percent held "illicit data."

The research revealed that, for a significant proportion of the disks that were examined, the information had not been effectively removed and as a result, both organizations and individuals were exposed to a range of potential crimes. The report's authors said the figures were an "improvement on those from the previous year's research, still show an alarming level of sensitive information being released."

They said that despite an increasing maturity of information security and awareness, increasing regulations and significant publicity, organizations are still not modifying their procedures to ensure that information is effectively removed before computer disks are disposed of.

Dr. Andy Jones, head of security technology research at BT, who led the research said: "So much has been said already about the availability of information disposal tools, increasing legislative pressures and the growing literacy of computer users that it is difficult to explain why there is still such poor cleansing of disks. When organizations dispose of surplus and obsolete computers and hard drives, they must ensure that, whether they are handled by internal resources or through a third party contractor, adequate procedures are in place to destroy any data and also to check that the procedures that are in place are effective."

Dr. Andrew Blyth who leads the research team at the University of Glamorgan commented, "Now in its second year, this research proves that companies and individuals still need to take this issue of the disposal of information stored on hard drives more seriously. Just from looking at this random sample, it is obvious that there are hard drives on public sale that still contain highly confidential material."

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
criticaldatadrivesfoundhardonsecondhandsecurity

Partner Content

Accenture and Google Cloud team up to create a loveable, Australian-first, renewable energy product
Promoted Content Accenture and Google Cloud team up to create a loveable, Australian-first, renewable energy product
The Great Resignation has intensified insider security threats
Promoted Content The Great Resignation has intensified insider security threats
How to turn digital complexity into competitive advantage
Promoted Content How to turn digital complexity into competitive advantage
Avoiding CAPEX by making on-premise IT more cloud-like
Promoted Content Avoiding CAPEX by making on-premise IT more cloud-like

Sponsored Whitepapers

Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership

Events

  • Micro Focus Information Management & Governance (IM&G) Forum 2022
  • CRN Channel Meets: CyberSecurity Live Event
  • IoT Insights: Secure By Design for manufacturing
  • Cyber Security for Government Summit
  • Forrester Technology & Innovation Asia Pacific 2022
By René Millman
Aug 10 2006
12:23PM
0 Comments

Related Articles

  • Qld gov proposes mandatory data breach reporting for agencies
  • Law firm mulls class action over NDIS software provider data breach
  • NDIS case management system provider breached
  • 50k customers caught up in Spirit Super phishing attack
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Qantas calls time on IBM, Fujitsu in tech modernisation

Qantas calls time on IBM, Fujitsu in tech modernisation
Researchers hacked Oracle servers to demo serious vulnerability

Researchers hacked Oracle servers to demo serious vulnerability
PayTo rollout kicks off

PayTo rollout kicks off
Australian scientists build world's first quantum computer IC

Australian scientists build world's first quantum computer IC

Digital Nation

Crypto experts optimistic about future of Bitcoin: Block
Crypto experts optimistic about future of Bitcoin: Block
IBM global chief data officer on the rise of the number crunchers
IBM global chief data officer on the rise of the number crunchers
COVER STORY: Operationalising net zero through the power of IoT
COVER STORY: Operationalising net zero through the power of IoT
The security threat of quantum computing
The security threat of quantum computing
Integrity, ethics and board decisions in the digital age
Integrity, ethics and board decisions in the digital age
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.