There’s a reason why experienced IT professionals always take out the hard drive before selling old computers. The data on a wiped drive isn’t gone forever. Whether you’re leasing, selling, or recycling old machinery, even a wiped drive poses a data security risk when it possibly contains sensitive corporate information cybercriminals can exploit.
Don’t think it’s an issue worth considering? Here are 4 major incidents of failures in IT asset recovery and secure data destruction.
Simson Garfinkel, a researcher at Harvard’s Department of Science, once collected 158 hard drives from various online auctions and second-hand stores. Searching through the contents, he found thousands of sensitive documents like payment information and medical records. As it turned out, some of the drives had undergone IT asset recovery and secure data destruction procedures, but the employees involved were improperly trained for the job, resulting in the leaked data.
When a Canadian electronics seller NCIX went bankrupt in late 2017, the original managers took to selling the remaining assets. However, the company failed to destroy the data properly, and old hard drives ultimately found their way to the Craigslist market.
What resulted was thousands of Canadian and U.S. customers getting their data exposed despite Canada’s Personal Information Protection and Electronic Documents Act explicitly demanding the information collected from customers be destroyed upon bankruptcy. Amongst the data recovered were:
- Financial invoices
- Customer ID photocopies
- An income tax document from an employee
- Account passwords
- Various contact information
The incident goes to show how impactful weak data destruction policies can be. Business owners should never underestimate the importance of IT asset recovery and secure data destruction.
Sometimes, your vital personal information gets carelessly sold online. The financial data processing company Mail Source sold an old computer used for archival storage on eBay. When an IT manager from Oxford picked up the machine, he found dozens of bank account numbers, contact information, and credit card signatures on the hard drive.
Identity theft is one of the major risks involved in secure data destruction. While the incident was described as “isolated” by the company, it’s no secret a rogue drive could result in the loss of trust from your customers.
Neglecting hard drive destruction is, unfortunately, a constant issue for businesses. In Channel NewsAsia’s documentary The Trash Trail, the producers bought 9 separate hard drives in Singapore. Despite the efforts from the sellers to wipe the data, the drives still recovered personal details, passports, and even nude images from its previous owners.
Companies need to ensure they have solid IT asset recovery and secure data destruction policies in place to prevent major accidents like these.
Refreshtek | IT Asset Recovery and Secure Data Destruction | Toronto & the GTA
According to IBM’s data breach study, a lost or stolen record with sensitive information can cost your business up to $141 per drive. Don’t let your company fall victim to poor data security.
If you have old computers to recycle, bring it through us at Refreshtek for the most reliable job in secure data destruction.
- Data being stolen from discarded storage drives is a real problem, yet many companies overlook it.
- Companies like NCIX have inadvertently sold sensitive information on online marketplaces, and even individuals don’t realize their old documents are still recoverable after selling old computers online.
- Refreshtek knows data security and the possibility of data theft more than anyone else. Our in-house IT asset recovery and secure data destruction solution is the safest way to protect both your business and your customers from data breaches.