Companies fail to destroy confidential data

Link: Review lame hacker law, says business

A two-year study by two students at the Massachusetts Institute of Technology found that of 158 second-hand hard drives that they bought, 69 still had recoverable files.

Forty-nine contained personal information, medical correspondence, love letters, pornography and 5,000 credit card details.

One, according to the Mercury News, had a whole year’s financial transactions, including account numbers, from an Illinois cash machine.

Some 150,000 hard drives were scrapped last year, according to analyst Gartner Dataquest, but many are resold on the open market.

In the past, investigations have found numerous celebrity details or sensitive records.

In 2000, Sir Paul McCartney’s bank details were discovered on an old PC, after Morgan Grenfell did not properly wipe its hard disk of data.

Last year, top secret files belonging to an international film company contained financial information and personal details of stars such as actor Stephen Fry were found on two computers sold at auction.

Lincolnshire Council dumped a number of PCs that still contained records of children at risk, and a PC containing a register of sex offenders was sold as a refurbished unit.

A group test conducted by’s sister title Network News found that the most reliable method of ensuring that data could not be accessed was to physically destroy the disk rather than rely solely on data wiping software.

Related reading

HMRC banknotes