Clearly it isn't difficult to get old information off second hand harddisks; with the price of hard drives so low it would seem far more sensible to ship 2nd hand PC's with new hard drives rather than ones laiden with your data.
A customer database and the current access codes to the supposedly secure Intranet of one of Europe's largest financial services group was left on a hard disk offered for sale on eBay. The disc was subsequently purchased for just £5 by mobile security outfit Pointsec Mobile Technologies. According to Pointsec, one of the hard discs contained "highly sensitive information from one of Europe's largest financial services groups with pension plans, customer databases, financial information, payroll records, personnel details, login codes, and admin passwords for their secure Intranet site. There were 77 Microsoft Excel documents of customers email addresses, dates of birth, their home addresses, telephone numbers and other highly confidential information, which if exposed publicly could cause irrevocable damage to the company." Pointsec isn't prepared to name the careless company.
The incident recalls the episode four years where Sir Paul McCartney's banking details were discovered on a second-hand computer discarded by merchant bankers Morgan Grenfell Asset Management. The PC was released into the second-user market without first being wiped clean of data, a precaution that the majority of sellers still fail to take.
Pointsec purchased 100 hard discs over auction site as part of its research into the "lifecycle of a lost laptop". Pointsec found that they were able to read seven out of 10 hard-drives bought over the Internet at auctions such as eBay despite the fact all of had "supposedly" been "wiped-clean" or "re-formatted". The company said the exercise illustrated how easy it is for identity thieves or opportunists to access highly sensitive and valuable company information from lost laptops and hard-drives. All the 100 hard drives and laptops purchased as part of Pointsec's research will be destroyed.
View: Read more @ El Reg