About 90% of resold storage media devices (mainly hard drives & USB sticks) contain private or business data, put there by former users. The conclusion comes from a new study conducted by the security firm Kaspersky.
The data could be anything from finance-related documents and work emails to private messages and lewd content.
Kaspersky’s GReAT (Global Research & Analysis Team) discovered this when they analyzed 185 pre-owned storage devices’ contents. Only 11% of them were found to be completely clean. The team also found that over 1 in 5 devices had data that could be extracted quite easily.
The others (74%) had data that could also be recovered by carving.
Marco Preuß, the Europe head for GReAT, says that the potential damage if personal data falls into the wrong hands could be greater than most people think. Identity theft comes up as a potential risk when dealing with personal documents.
One could also access private accounts on banks or social media.
Blackmail is also not out of the question since a person and family members could be targeted, especially when private photos or videos of a confidential nature are available. Second-hand device ownership is on the rise.
The resale market
Kaspersky found that out of 2,000 UK consumers, about 649 had bought a second-hand computer, 802 a mobile device, and 321 had bought storage devices.
Even though the practice is well-intentioned, it could turn into a security problem. Of the 649 second-hand computers, 13% had contact details of the previous owner, 1 in 10 had business-related data, and another 10% had official documents like passports and driving licenses.
Similar percentages were seen across the USB sticks, mobile phones, and hard drives. Passwords and login details for businesses were also found, making hacking really easy.