Study: Few second-hand hard disks wiped clean

Share this article:

Businesses and individuals are dumping hard disks with large amounts of data still on them, leaving the door open for identity theft, commercial sabotage or political compromise, a yet-to-be-released study has found.

Researchers have been conducting the annual study, called "The analysis of information remaining on disks offered for sale on the second-hand market," since 2005.

They analyzed used hard drives obtained in second-hand markets and found that the majority of the disks contained sensitive data, Glenn Dardick, study researcher and assistant professor of information systems at Longwood University in Virginia, told on Wednesday.

Each year, researchers have discovered Social Security and bank account numbers on the used machines. They also have found government information, patient medical records, court-sealed documents involving child abuse and wills of deceased people, Dardick said. 

The research team includes Dardick, Andrew Jones, head of information security research at U.K.-based British Telecommunications; Craig Valli of Edith Cowan University in Australia and Iain Sutherland of the University of Glamorgan in the U.K. The ongoing research is expected to be published in the International Journal of Liability and Scientific Enquiry.

Dardick said he obtained many of the hard disks he studied on eBay. Others were purchased in private stores.  They came from the U.K., North America, Germany, Australia, Europe and Asia.

Researchers found that one-third of the disks they analyzed this year had been wiped clean, as opposed to 45 percent last year.

Dardick said he hopes the study will illustrate that companies should expunge hard drives of sensitive data before getting rid of them. Additionally, it highlights the need for asset control within companies, he said. 

“Companies have to be held accountable for where they stored customer data and where it's held today,” Dardick said.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters


More in News

ISSA tackles workforce gap with career lifecycle program

ISSA tackles workforce gap with career lifecycle program ...

On Thursday, the group launched its Cybersecurity Career Lifecycle (CSCL) program.

Amplification DDoS attacks most popular, according to Symantec

Amplification DDoS attacks most popular, according to Symantec

The company noted in a whitepaper released on Tuesday that Domain Name Server amplification attacks have increased 183 percent between January and August.

Court shutters NY co. selling security software with "no value"

A federal court shut down Pairsys at the request of the Federal Trade Commission.