Home » News » Beware of the risks of selling old hardware

Beware of the risks of selling old hardware

Sunday, 12 May, 2019

Consumers and businesses are inadvertently putting themselves at risk from cybercriminals when selling storage drives and other devices in the second-hand hardware market, according to a new report.

The report, catchily titled ‘Privacy for Sale – Data Security Risks in the Second-Hand IT Asset Marketplace’, was produced by Blancco Technology Group. It outlined the extent to which devices still contained sensitive information that could be exploited by cybercriminals even after wiping them.

Blancco, in conjunction with Ontrack analysed 159 leading brand drives that had been bought on eBay in the US, UK, Germany and Finland and found that almost half still held sensitive data.

A substantial 15% still held personally identifiable information such as birth certificates, photographs, names and email addresses, despite the fact that many sellers had used the proper data sanitisation methods that supposedly ensured they were wiped clean.

Among the data recovered from second-hand drives Blancco found a drive from a software developer that had high-level government security clearance still contained scanned passports, CVs and financial records. Another contained more than 32,000 photos, while a travel company’s still held 5GB of email conversations.

Blancco said that this was extremely worrying as it showed that while sellers are doing their bit the methods of sanitisation were clearly inadequate.

Selling old hardware via an online marketplace might feel like a good option, but in reality, it creates a serious risk of exposing dangerous levels of personal data. By putting this equipment into the wrong hands, irreversible damage will be caused – not just to the seller, but their employer, friends and family members.

- Fredrik Forslund: VP Cloud and Data Erasure, Blancco

As we all know deleting data can be extremely difficult. Most deletion systems tend only remove pointers to the data and not the data itself. And destruction of the hardware doesn’t necessarily remove the data either. While it may be difficult to read the data from the damaged hardware and the media may not be able to be plugged in easily it doesn’t mean the data has gone away.

Those in the know recommend getting a professional to do the wiping for you. But this can be expensive. Instead they suggest you should wipe and rewrite every trace of data at least three-times. This may seem like overkill, but it is a necessary task to have peace of mind that the data you have will be truly removed.

Experts recommend you use secure data erasure software. Some overwrite an entire drive with meaningless random characters. They also recommend you try disk encryption software such as Apple FileVault and Microsoft BitLocker, which will secure the drive with hard-to-guess password.

Tim Bamford author picture


Tim is a veteran freelance journalist writing extensively on internet news and cybersecurity.

News What's the story?

Keep up with the latest developments in UK broadband.

The biggest malware threats of 2020…so far

It’s been a year few of us will forget in a hurry, and we're only halfway through.

The biggest malware threats of 2020…so farThe biggest malware threats of 2020…so far Read more

Instagram could become the main news source for young people.

Reuters finds changes in the way younger users consume the news.

Read more

BT launches second line service

BT launches second broadband home line service for the new crop of home workers.

Read more

Best broadband areas for online gaming in the UK.

Read more

Help Learn with us

Make the most of the internet with our broadband library.

How to check if your broadband is down

It might seem obvious that an outage has occurred, but there are easy ways to check if your broadband is down, or whether the problem is more localised

How to check if your broadband is downHow to check if your broadband is down Read more

A guide to Big Tech alternatives.

It seems like we’re reliant on a small group of companies, are there alternatives?

Read more

Quick tips for boosting home broadband speed

Boosting speed can transform activities like streaming, gaming and accessing cloud storage

Read more

What’s the difference between hardware, firmware and software?

Read more