Posted on 06/28/2016 3:39:49 PM PDT by nickcarraway
A new study from technology firm Blancco Technology Group found that 78% more than three quartersof used, resold, or refurbished hard disk drives still contained personal or confidential information, despite supposedly being wiped.
In the first quarter of 2016, the group purchased a total of 200 used hard disk drives and solid state drives sold in the United States from eBay and Craigslist. Out of the 200, the Blanccos digital forensics team was able to recover left-over data from 78% of the drives, according to the study.
5% of the residual data were spreadsheets, which included sales projections and inventories for various companies. Although this number seems small, the company urges businesses to erase data, saying it is the most important security measure corporations should take. The study references the 2014 data breach at Sony Pictures, when hackers took control of the film companys computer system. Other than posting internal salary information during the hack, the hacker group also leaked five of Sonys movies onto the Web.
As for personal information, over half (67%) of the drives contained things like photos (43%), social security numbers (23%), and financial data (21%).
Paul Henry, Blanccos digital forensics expert, explained in the study that this left over information is all hackers need to steal the information and then perpetrate identity theft and fraud.
This could have devastating effects for individuals because it could not only rob them of their hard-earned money, but it could also hurt their chances to get approved for financing, mortgage loans and so much more, Henry said in the study.
So, despite the fact these drives were supposedly wiped, why do so many of them still have information that shouldnt be in a strangers possession? The study points out that there is a big difference between deleting data and erasing it.
For example, when you delete a file on a computer by dragging it to the trash bin, or even by using the delete key, this doesnt destroy the data. Instead, formatting a drive erases data. However, the study warns that not all format commands are the same. A quick format, for example, which was used on 40% of the drives, still left some data behind that could easily be accessed by a hacker. A full format, which was used on 14% of the drives, was more thorough, but still missed some crucial information.
They’re welcome to the bits and bytes they can scrap off the face of the sledge hammer I used to pancake that sucker.
REM gfy.cmd
format c: /y
again:
echo ESADMOFO >> c:\ESAD.TXT
goto again
erase c:\ESAD.TXT
goto again
I use my old computers for target practice.
I think I have one of those in the basement. It might be a 20.
A few years ago I bought a computer off eBay from someone upgrading to a newer model. Although he had deleted a bunch of stuff, I found a login ID that was deleted but the partition still existed. It was his girlfriend’s login on the computer, full of private financial and personal information. I’m not that type of person to take advantage of that, and I wiped the data. With that information to bank accounts, SSI#, passwords etc. I could have wreaked havoc in her life. Just goes to show you, do secure multiple wipes of hard drives in your computer before selling it.
Went back next day (it was a Saturday/Sunday sale),told the guy what I found and he said "you look like an honest guy,I know you won't abuse it".
Well,I *am* and honest guy and *didn't* abuse it
But....yikes! Foolish guy!
Fixed to a 4x4 post, it makes a good target for my Beowulf .50cal. And a new seagate sata 500gb 7200rpm replacement, is a cheap $50 or so.
I was working on an HP laptop that had a finicky CMOS. The hard drive had failed and it wouldn’t accept anything that I tried in it. So I went to ebay and bought an identical drive. Before I installed it I slaved it to another machine. Sure enough - it was complete with personal data, movies, and porn.
I can’t remember how many passes I made on it before I trusted it with any software.
HP (has problems) systems being onery is no surprise. I avoid them and recommend others buy something else when asked.
“formatting a drive erases data”
No, it doesn’t. Even deleting the partition won’t, unless the sectors are overwritten.
Had to laugh at the title you have devised for your techique for dealing with no longer needed hard drives.
I use the same process: full disassembly and deep, heavy scoring of the platters followed by personally taking them to the electronics salvage point at the county dump.
Always get a smile when hand them a large ziplock bag full of hard drive components.
I crush mine with a log splitter.Try to recover data after that.
“I use my old computers for target practice.”
Bingo! They are not bullet proof. 45ACP removes about a 1/2 inch chunk for every disc hit.
Two options with hard drives.
Target practice
Dismantle them. The platters make great coasters. The super powerful magnets can hold a cast iron skillet to the refrigerator.
I guess I could crank up one if dad’s dozers and drop the blade a few times and drive over the remains.
If someone can recover data from that, they are welcome to it.
I have a magnet that you could tow the Queen Mary with.
CCleaner. Free drive wiper. Wipes the drive or just free space. Several levels of depth available. I use it regularly.
I would say that unless what you have is so valuable that the NSA would use cyrogenic superconducting magnetic heads on it, a DOD-certified wipe will do it these days. There was a time (on <100 meg drives) when you could actually replace the disks themselves to a “good” drive and read them; then, there was a time (<10gigs, lets say) when you could replace disks and the PCB from a known good drive and read a bad disk. Both of these techniques could be done under “reasonably clean” conditions, even in your home. Now, the density is so high and the drive is setup with magic factory parameters that marry the disks, heads, mech, and PCB, super-secret proprietary firmware and algorithms that are probably known by 10 people at the factory, I’d say that recovery by mere mortals is just about impossible.
I’ve done the sorts of things described above twice in my career and grown men almost cried with joy.
Who sells a used hard Drive? That’s crazy.
Make wind chimes out if them, or trip wires. Whatever floats your boat. Just degauss them first.
They’d make good targets too. Be creative.
Get a cheap docking station, and keep your hard drives. I have several old hard drives that I still use.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.