News

'Deleted' data found on second hand devices and drives

Date: 2015-11-03

A global data security study from Blancco Technology Group has found varying amounts and types data on second hand hard drives, solid state drives and mobile devices purchased online from Amazon, eBay and Gazelle.com between May and August 2015.

Despite a deletion attempt on 57 percent of the mobile devices and 75 percent of the drives, the used items still contained data including sensitive information and information about the original users’ identities. 

According to the study, thousands of leftover emails, call logs, texts/SMS/IMs, photos and videos were retrieved from 35 percent of the mobile devices. A total of 2,153 emails and 10,838 texts/SMS/instant messages were retrieved from the mobile devices analysed.

Additional findings from the study include:

·  Basic file-deletion commands leave hard disk drive users with a false sense of security. On four of the drives containing residual data, or 11 percent, only a basic delete was performed, meaning that the user simply deleted the file or sent it to the recycle bin. This left 444,000 files exposed.

·  'Quick format' and reformatting are common, but unreliable, tactics to wipe personal information clean from old hard drives. Our analysis showed that 'quick format' had been performed on 61 percent of the drives with data still present.

·  Data is difficult to delete and can easily resurface after mobile devices are resold. Fifty-seven percent of the mobile devices with residual data found on them had a deletion attempt made on them, which left 179 texts, 252 instant messages, 75 large photos and two SMS messages exposed.

·  Leftover emails, text messages and instant messages can cause personal, financial and reputational damage to users and their employers. 

Paul Henry, information technology security consultant for Blancco Technology Group, explained, “Whether you’re an individual, a business or a government/state agency, failing to wipe information properly can have serious consequences.”

“One of the more glaring discoveries from our study is that most people attempt in some way or another to delete their data from electronic equipment. But while those deletion methods are common and seem reliable, they aren’t always effective at removing data permanently, and they don’t comply with regulatory standards. There’s no better example of this danger than the findings of a recent state audit, which found that 12 U.S. state agencies responsible for handling taxes, programs for people with mental illness and drivers’ licenses used inadequate methods to attempt to wipe information.”

Russell Richardson are experts in secure, certified data destruction with services including hard drive shredding, secure IT recycling and mobile device recycling. Contact Russell Richardson on 0800 294 6552 or click here for more information.