Dive Brief:

• A new report finds improper data removal practices are leaving sensitive data up for grabs and putting both consumers and businesses at risk.
• The study, by Blancco Technology Group, examined 200 used hard disk drives and solid state drives purchased randomly from eBay and Craigslist since the beginning of 2016.
• Residual corporate data was found on 11% of the purchased drives.

Dive Insight:

The most common types of corporate data recovered by Blancco digital forensics experts included company emails (9%), spreadsheets (5%), customer data (3%) and CRM records (1%).

Businesses disposing of old computers or drives need to ensure they properly wipe all data. Of the 200 used HDDs and SSDs, only 10% had a secure data erasure method performed on them, Blancco digital forensics experts reported.

“IT executives and CIOs often put most of their attention, resources and budgets towards tackling ‘scary’ data security threats, such as backdoor attacks, extortion hacks, malicious insider intrusions and malware,” said Blancco Technology Group CEO Pat Clawson. “Investing in tools and methods to erase data from IT assets tends to sit low on their organization’s list of IT security priorities. But as our study shows, the dangers are just as precarious when data isn’t securely and completely erased.”