A total of 200 hard drives bought from Internet auction sites and trade fairs were examined, and the results are quite shocking. 11 percent were found to contain personal information belonging to the previous owner, while another 37 percent had what is described as “non-personal” information. Only 38 percent of the drives had been properly wiped, while a further 14 percent were damaged and unreadable.
Of the data recovered, some 34,000 files were found to contain highly sensitive information, including scanned bank statements, passports, birth certificates, employee information, full bank details, family photos, and medical information.
According to Graham Cluley, senior technology consultant at security firm Sophos, “such incidents aren’t always the fault of the company who owned the hard drives,” and they could be the fault of a third party organization used to handle the secure disposal of assets.
“But it’s always us, the unfortunate member of the public,” he adds, “who is most exposed by the sloppy practice.”
I recommend three ways of erasing a hard disk drive (HDD). The first is to use software solution such as DBAN to erase the drive. This method can be very time-consuming and the drive has to be attached to a PC for the entire operation, which can last for hours. It is, however, a cheap — the software is free — and very effective way of erasing a hard drive.