eBay and Craigslist Used HDDs Often Come With Free Data

If you’re about to sell, trade, or throw away your storage device, it might not be a bad idea to purge everything on the drive. However, it looks like many of us leave behind some information, and it makes it only easier for users to be compromised.

Researchers from Blancco Technology Group, makers of Blancco 5 erasure software, purchased 200 used hard disk drives and solid state drives via Craigslist and eBay. You can probably already see where this one is going:

During the investigation, 67 percent of HDDs and SSDs held personally identifiable information (PII), with 11 percent holding sensitive corporate information.

Personal information included resumes, financial records, Social Security Numbers, and other sensitive information we’re all told to continually protect. As noted by Paul Henry, Blancco Technology Group Digital Forensic Experts:

“Two of the more incriminating types of personal information we recovered are financial data and resumes – these files contain all of the information needed for a hacker to go in, steal the information and then perpetrate identity theft and fraud.”

As for corporate information, researchers found employee-sent corporate emails, spreadsheets, customer data, and CRM records were discovered.

Deleting items in the Recycle Bin might free up desktop space, but that doesn’t mean the information simply vanishes. Quick formatted information can also sometimes be recovered by cyber criminals, with growing interest in data erasure methods.