Second-Hand Computers Pose Identity Theft Threat

Jan 30, 2006
Computer connected to the internet

A new identity theft study conducted by leading University of Leicester criminologist, Professor Martin Gill found that second-hand computers - which account for one in 12 computers in use worldwide - can be a potential treasure trove of personal information - putting users at risk of fraud and identity theft. The study urges personal and business computer users to ensure that all data is removed from their computers prior to disposing of them.

During his study, Second-Hand Computers and Identity Fraud, Professor Gill and his team purchased six computers through a mixture of second hand channels. They then conducted a forensic data analysis on each one, using a widely available software programme.

Half of the computers had in fact not been securely wiped. In one case there had been no attempt to wipe the contents whatsoever. Worryingly, data retrieved from two of the computers contained information that could be used by an identity thief.

Professor Gill, commented: "The fact that we found so much personal information through a focused study indicates that the potential for fraud and identity theft from the second hand PC market is huge. More and more of us use PCs to conduct our personal business. We must all be careful not to overlook the virtual information trail that we leave behind us."

He continued: "Simply re-formatting a hard drive is not enough to make data irretrievable. Anyone disposing of a personal computer must ensure that all data is securely wiped using specialist software to wipe over every sector of the hard drive."

Computer one

Data retrieved included: bank account details; correspondence with a bank noting change of email address; membership details for a DVD website including username and password; details of a CV outlining qualifications and where the person studied.

Alarmingly this computer was bought via an internet auction. The seller not only said that the computer had been re-formatted but he also noted that 20 more of his clients' old computers were shortly going to be made available for auction.

On this evidence, Professor Gill believes that internet auction sites represent a good opportunity for identity fraudsters to obtain previously used computers. Indeed, based on the results of a search conducted across one popular auction website on 24th January 2006 as many as 13,000 second hand or refurbished laptops and PCs are up for auction at any given time.

Computer two

Computer two contained data on: Full name and details (sort code and account numbers) for eight separate accounts with a major high street bank; username and password for an ISP account; an e-mail from a travel firm confirming details of a new online account - including password; letters of correspondence confirming the user's address.

Interestingly computer two also appears to have been used for business purposes and contained sensitive information. There was a spreadsheet which contained details of creditors, payroll, the income tax due, the bank overdraft and the VAT due. There were also lists of around 250 names and addresses of past and present customers.

But it's not just those that sell their unwanted computers that are under threat. The reports' sponsor Capital One, which offers free identity theft and fraud protection and assistance services, points out that disposing of a PC is just as dangerous. One only has to visit a local refuse centre to find discarded computers and hard drives that can be picked up for free - or for a small charge.

Justin Basini of Capital One, commented:

"To date most of the advice surrounding protecting oneself against fraud and identity theft has centred around looking after personal, paper-based documentation. But that won't account for the digital fingerprints that we leave behind on our PCs. We hope that our study will alert people to the dangers and encourage them to thoroughly cleanse computers before letting them out of their possession."

Identity theft occurs when criminals steal and use your personal information, such as your social security number and date of birth, to assume your identity and make telephone or online purchases or open up credit card accounts and other lines of credit in your name.

These crimes are facilitated by the relative ease with which offenders can gain information and personal documentation about people. According to research published by CIFAS2, there were approximately 60,000 victims of identity theft in 2005 (a 14 per cent increase over 2004) and APACS3 reports that 7 per cent of all plastic fraud is related to identify fraud, costing approximately £37 million last year alone.

Basic advice for wiping data from a PC

1. Remember that the delete function does not securely wipe/erase the data. Much of it will be retrievable.

2. Reformatting the hard drive does not wipe/erase the data.

3. Always wipe the whole hard drive using a specialist software application before disposing of the computer. For this study Professor Gill and his team wiped all the data from the computers afterwards using a software programme called Encase Version 4.22.

4. If in doubt, seek professional advice before letting the PC out of your possession.

Source: University of Leicester

Explore further: Apple may deliver ways to rev up the iPad, report says

Related Stories

A nano-transistor assesses your health via sweat

May 15, 2015

Made from state-of-the-art silicon transistors, an ultra-low power sensor enables real-time scanning of the contents of liquids such as perspiration. Compatible with advanced electronics, this technology ...

The Apple Watch heralds a brave new world of digital living

May 14, 2015

"The Watch is here" touts Apple's slogan for its wearable computer, implying that the one and only time-piece that really matters has arrived. So much for the Rolex Cosmograph and Seiko Astron when you can buy a stylish digital Apple Watch Sport, or even Appl ...

How parents threaten children's online privacy

May 13, 2015

Most parents go to great lengths to keep their children safe online—but what if parents themselves, through the simple act of posting photos to Facebook and Instagram, are putting their own kids at risk ...

Emotion detection software used to design advertising

May 06, 2015

The marketing industry has revolutionized the way people create publicity. Through the emotions, it defines which images, colors and objects best generate product identity and achieve great sales.

Recommended for you

Apple may deliver ways to rev up the iPad, report says

36 minutes ago

MacRumors last month said that the latest numbers from market research firm IDC's Worldwide Quarterly Tablet Tracker revealed Apple stayed on as the largest vendor in a declining tablet market. The iPad ...

Domino's taking orders via tweet

18 hours ago

Domino's on Wednesday launched perhaps the easiest way to satisfy a pizza craving this side of mind reading: order by tweet.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.