Second Hand Drives, First Class Data !

Disposing of old Gadgets? Safeguard your Personal & Confidential Data first

A new Stellar data recovery study reveals hard disk drives available on classifieds websites contain high-risk data

We are all saddled with an inventory of old hard disk drives coupled with an urge to quickly get rid of same by selling them off on popular online sites. We believe that by formatting our Drives, we have taken requisite precaution for securing data privacy. But is this sufficient? A recent analysis done by Stellar Data Recovery reveals that hard disk drives available on second-hand marketplace sites contain a significant amount of confidential data. For the sample collected, sensitive data was uncovered in 100% of cases.

As part of the study, multiple hard disk drives were purchased from India’s leading online platform which facilitates buying and selling of second-hand products. The data from these drives was then recovered using simple Do It Yourself software Recovery Tools available online. For all such cases where the data was not securely erased, the data recovery was accomplished easily within a day.

Most consumers in India are unaware that data can be recovered from their legacy drives and mobiles and steps like formatting are not enough for ensuring data privacy. Consequently, there is a grave risk of private and confidential data from these legacy devices being passed onto the buyer of such devices. The study further reveals that the vast majority of Indians are still unfamiliar with data sanitization methods; often referred to as data erasure methods, data wipe methods, wipe algorithms, and data wipe standards. The drives purchased for this study were formatted but not wiped using any correct method and after running ‘data recovery software,’ huge data contained in files were recovered. This underlines the need to adopt secure data erasure methods before disposing of old & obsolete hard disk drives, refer https://www.bitraser.com/need-for-professional-data-erasure-tools

Stellar Data Recovery Study

Data Recovered

BUSINESS/CORPORATE

  • Company profit and loss statement
  • Year wise sales statements
  • Advertisement and hoarding designs and templates
  • Dispatch and shipment plans of company
  • Company logos, letterhead templates and designs
  • Company event collaterals like seminar and conferences brochures and catalogues
  • Customer database of information like name, phone no and email id
  • Corporate company PPT’s with company brief
  • Company marketing and sales presentations
  • Company newsletters, fact sheets

PERSONAL

  • Personal information like name, phone no. and email id
  • Credit Card Details, Bank Account Statements
  • Personal Health Data
  • Personal trip photos with family
  • Movies, Videos, Song collection

MISCELLANEOUS

  • Educational collaterals like test papers, thesis, and periodicals
  • e-books on gardening
  • Academic coursework related to organic chemistry

EMAILS

  • PST Files

EXPLICIT Data

  • Porn Videos

OTHERS

  • PDF marketing design files

In one such hard disk drive, the comprehensive business details of an Automotive showroom, including monthly sales, historical sales records, pricing list, feedback forms and complete customer information comprising names, addresses and contact numbers was identified. In another startling case, the extensive personal information comprising the name, age, date of birth, phone contact list, bank statement, credit card statements, personal photographs, pirated software, music and videos were recovered. A huge amount of critical and sensitive data which includes official data like Accounting data, Tally® files, corporate presentations, design files and invoices have also been recovered. The study highlights that individuals are not the only ones at risk for identity theft, the companies are at an increased risk as well.

While disposing of their old gadgets like hard disk drives or else mobiles, consumers, both individuals and corporates alike, unknowingly risk passing their most sensitive data to strangers, hackers and cybercriminals when they discard these drives. This grave risk exists till the data is not securely erased by a recognized software data erasure. Companies spend billions of dollars to secure their network and keep information confidential however they can end up in a total business loss situation when the disposed old drives with insecure erasure are misused by cyber criminals.

Safeguard Your Personal Data

In case of individuals, thanks to the proliferation of electronic gadgets, we all have a habit of saving passwords for personal bank accounts, personal health records and e-mails in hard drives. The leakage of such sensitive information is a grave threat to your identity and your data privacy.

Imagine losing your Honeymoon photos, private videos or family vacation videos to a cybercriminal. A huge amount of sensitive information can be recovered from these. As an illustration, most of our photos and videos contain very specific geolocation data and we can also uncover when these were taken, in other words not only the photos or videos themselves but also the accompanying information of location and time can be shared with the entire world, taking your privacy for a toss.

Worse, imagine your credit card details being available along with your identity documents, these two coupled together can lead to your entire credit limit being wiped off immediately with funds withdrawn with explicit and malafide intent.

Consequently, over 80 countries and independent territories, including nearly every country in Europe and many in Latin America and the Caribbean, Asia, and Africa, have now adopted comprehensive data protection laws that prohibit the disclosure or misuse of information about private individuals.

For any business customer data and business, data forms the core of operations, loss of these to hackers or cybercriminals will result in wiping off the entire business. Imagine the Profit and Loss account of an unlisted company being made public or worse still, imagine confidential bank/account details becoming public. In such cases, the company stands to lose not only its business but also credibility in the market.

Illustration of personal identity cards being available from the old/used Hard Disk Drives:-

Permanent Account Number

PAN Card

 

 

The study also highlights two of the most glaring loopholes in the prevailing context;

  • No privacy-specific precautions are taken by sellers while selling their used device online
  • No type of secure deletion process is used by either the individuals or the online marketplace running such multi-seller-buyer platform

In light of above findings, it is strongly recommended to take following basic tips to protect data privacy

  • Backup your data- Be sure to have an up-to-date backup of all the important files and data in another device.
  • Trust the experts- To prevent any privacy leakages, its critically important look for an expert in the data erasure domain.
  • Use a DIY certified software- securely wipe a hard drive to ensure all of your data cannot be recovered. Latest advancement ‘plug and play software’ software is the most convenient yet powerful privacy solution for all devices.
  • A sustainable way of data deletion- Erasing data using a regulatory compliance software is a sustainable technique for physically destroying the storage media.

This eye-opening study now mandates the need of consumer awareness for both individuals and business alike, about their own Data Privacy and the need to adopt proper and secure data erasure techniques before discarding legacy gadgets; this is a pre-requisite to keep cyber criminals at bay.

For additional information and insights about this study, please reach out to us at pr@stellarinfo.com

2 thoughts on “Second Hand Drives, First Class Data !

Leave a Reply

Your email address will not be published. Required fields are marked *