Old PCs are goldmine for data thieves

Don't forget to wipe


Organisations are risking seeing sensitive information ending up in the wrong hands, because they are failing to ensure that their unwanted PCs are properly datawiped.

Data is erased from less than a quarter of discarded PCs, according to UK PC recycling firm Remploy e-cycle. Seventy five per cent of 350 firms it quizzed sold or gave away unwanted PCs, but only 23 per cent wiped hard disks before getting rid of old computers. Four in ten (38 per cent) of those reformated drives before giving them away in the mistaken belief that this would prevent sensitive date from being recovered, the study found.

Many of the worst data security risk takers came from the financial services industry. Only one in eight ensured that sensitive data got destroyed, according to Remploy.

Noel Harasyn, Remploy e-cycle's general manager, said: "Quite frankly, this is deeply disturbing. It is laudable that companies are already making redundant equipment available for re-use but in the overwhelming majority of cases, they are not rendering the data on hard drives unrecoverable. Simply reformatting or overwriting once or twice as most appear to do will still allow much of the data to be recovered."

WEEE the unprepared

The survey comes ahead of legislation this Autumn which will put more pressure on companies to recycle IT equipment, rather than dumping it in landfill sites. The WEEE Directive (Waste Electrical and Electronic Equipment) makes manufacturers responsible for recycling electrical equipment at the end of its useful life. However, research from printer manufacturer Brother suggest most companies expect to shoulder some of the cost.

Remploy's survey highlights a longstanding issue. Earlier this year a customer database and the current access codes to the supposedly secure intranet of one of Europe's largest financial services group was left on a hard disk offered for sale on eBay. The disk was subsequently purchased for just £5 by mobile security outfit Pointsec Mobile Technologies.

Pointsec purchased 100 hard disks through internet auction sites, as research into the "lifecycle of a lost laptop". It could read seven out of 10 hard-drives bought over the internet, despite the fact all of had supposedly been wiped-clean or re-formatted. The company said the exercise illustrates how easy it is for identity thieves or opportunists to access highly sensitive and valuable company information from lost laptops and hard drives.

In 2000, Sir Paul McCartney's banking details were discovered on a secondhand computer discarded by merchant bankers Morgan Grenfell Asset Management. The PC was released into the second-user market without first being wiped clean of data. ®

Related stories

Oops! Firm accidentally eBays customer database
How to make hard cash from old IT
Brace your IT budget for green impact
Paul McCartney account details leaked on second user PC
Datawiping works (true)


Other stories you might like

  • You need to RTFM, but feel free to use your brain too
    But I was only following the procedures!

    Who, Me? Monday is here, and with it a warning that steadfast determination to ignore instructions might not be such a silly thing after all. Welcome to Who, Me?

    Today's story comes from a reader Regomized as "Sam" and takes us back to his first proper IT job following his departure from the education system.

    Sam found himself on the mainframe operations team for a telecommunications company. The work was, initially, pretty manual stuff. The telco wasn't silly, and had its new recruits start by performing offline duties, such as gathering tapes and job tickets for batch runs, handling payslips, "basically anything involving a bit of leg work," he told us.

    Continue reading
  • Tropical island paradise ponders tax-free 'Digital Nomad Visa'
    Live and work in Bali, pay tax at home

    The government of Indonesia has once again raised the idea of creating a "digital nomad visa" that would allow foreign workers to live and work in the tropical paradise of Bali, tax free, for five years.

    The idea was raised before the COVID-19 pandemic, but understandably shelved as borders closed and the prospect of any digital nomads showing up dropped to zero.

    But in recent interviews Sandiaga Uno, Indonesia's minister for Tourism and the Creative Economy, said the visa was back on the drawing board.

    Continue reading
  • Small in Japan: Hitachi creates its own (modest) cloud
    VMware-powered sovereign cloud not going to challenge hyperscalers, but probably won't be the last such venture

    Hitachi has taken a modest step towards becoming a public cloud provider, with the launch of a VMware-powered cloud in Japan that The Register understands may not be its only such venture.

    The Japanese giant has styled the service a "sovereign cloud" – a term that VMware introduced to distinguish some of its 4,000-plus partners that operate small clouds and can attest to their operations being subject to privacy laws and governance structures within the nation in which they operate.

    Public cloud heavyweights AWS, Azure, Google, Oracle, IBM, and Alibaba also offer VMware-powered clouds, at hyperscale. But some organizations worry that their US or Chinese roots make them vulnerable to laws that might allow Washington or Beijing to exercise extraterritorial oversight.

    Continue reading
  • Beijing probes security at academic journal database
    It's easy to see why – the question is, why now?

    China's internet regulator has launched an investigation into the security regime protecting academic journal database China National Knowledge Infrastructure (CNKI), citing national security concerns.

    In its announcement of the investigation, the China Cyberspace Administration (CAC) said:

    Continue reading
  • Cerebras sets record for 'largest AI model' on a single chip
    Plus: Yandex releases 100-billion-parameter language model for free, and more

    In brief US hardware startup Cerebras claims to have trained the largest AI model on a single device powered by the world's largest Wafer Scale Engine 2 chip the size of a plate.

    "Using the Cerebras Software Platform (CSoft), our customers can easily train state-of-the-art GPT language models (such as GPT-3 and GPT-J) with up to 20 billion parameters on a single CS-2 system," the company claimed this week. "Running on a single CS-2, these models take minutes to set up and users can quickly move between models with just a few keystrokes."

    The CS-2 packs a whopping 850,000 cores, and has 40GB of on-chip memory capable of reaching 20 PB/sec memory bandwidth. The specs on other types of AI accelerators and GPUs pale in comparison, meaning machine learning engineers have to train huge AI models with billions of parameters across more servers.

    Continue reading
  • Zendesk sold to private investors two weeks after saying it would stay public
    Private offer 34 percent above share price is just the thing to change minds

    Customer service as-a-service vendor Zendesk has announced it will allow itself to be acquired for $10.2 billion by a group of investors led by private equity firm Hellman & Friedman, investment company Permira, and a wholly-owned subsidiary of the Abu Dhabi Investment Authority.

    The decision is a little odd, in light of the company's recent strategic review, announced on June, which saw the board unanimously conclude "that continuing to execute on the Company's strategic plan as an independent, public company is in the best interest of the Company and its stockholders at this time."

    That process saw Zendesk chat to 16 potential strategic partners and ten financial sponsors, including a group of investors who had previously expressed conditional interest in acquiring the company. Zendesk even extended its discussions with some parties but eventually walked away after "no actionable proposals were submitted, with the final bidders citing adverse market conditions and financing difficulties at the end of the process."

    Continue reading

Biting the hand that feeds IT © 1998–2022