Privacy watchdog finds bank details and other personal data left on second-hand hard disks
People are putting themselves at risk by failing to delete personal information on unwanted gadgets with hard disks.
The Information Commissioner's Office found that 65 per cent of people will either sell or give away PCs, mobile phones and memory sticks. Of 230 used devices it bought for the study, nearly half (48 per cent) contained data, some of which would be useful for criminals.
This included bank and passport details that could be used by unscrupulous people or cyber criminals.
Information Commissioner, Christopher Graham, said: "Many people will presume that pressing the delete button on a computer file means that it is gone forever. However this information can easily be recovered.
"Today's findings show that people are in danger of becoming a soft touch for online fraudsters simply because organisations and individuals are failing to ensure the secure deletion of the data held on their old storage devices.
He went on to say that because "personal and company information is a highly valuable commodity", the ICO has published an online guide showing how to ensure data is deleted.
The ICO began its investigation in December 2010 and teamed up with NCC group. This computer forensics firm bought 200 hard drives, 20 memory sticks and 10 mobile phones; mainly bought online from internet auction sites and computer trade fairs.
After the devices were searched, initially without any additional software, and then using forensic tools freely available on the internet, it was found that of the 48 per cent that had data, 11 per cent of this was sensitive
The ICO said 34,000 files containing personal or corporate information were recovered from the devices. Enough information was recovered form two of the hard disks that would allow a cyber-criminal to steal the former owner's identity.
Other documents found included scanned bank statements, passports, information on previous driving offences, and some medical details, and corporate information including details of employees.
Graham said he hoped people would read the guidance and "take better control of their personal data."
Updating your subscription status