Selling an old computer on eBay? You may also be giving away data you thought you erased

Credit: George Hodan/Public Domain

You're donating an old computer storage drive or putting one up for sale on eBay. But first, you erase all the data.

Or so you think.

Researchers teaming up from a data erasure and mobile security firm Blancco and a data recovery company Ontrack found otherwise.

The companies purchased 159 drives at random on eBay, a mix of hard drives and flash (SSD) drives.

After applying data recovery tools to those drives, they found that 42% of them had at least some data. Even more concerning, about 3 out of every 20 of the drives had personally identifiable information, including scanned images of passports and birth certificates, as well as financial records.

Some of the drives also included corporate data. One had 5GB of archived internal email messages from a major travel company, and another, 3GB of shipping details and other data from a cargo/freight company. A third drive included data from a that had what was described as a "high level of government security clearance."

How could this happen? Rarely does a consumer looking to purge a drive go to the trouble of hiring a firm such as Blancco to remove data. In fact, Blancco's customers tend to be larger enterprises or governments.

Instead, consumers who even bother to remove data from their drives either delete certain files individually, or attempt to reformat that drive, thinking any existing files may be overwritten.

But "formatting is not the same thing as removing data," says Fredrik Forslund, vice president of cloud and data erasure at Blancco, who adds that there are two ways for doing so in Windows—a quicker less secure method and way deeper format method. But even deep formatting, he says, leaves some data behind, where it could be surfaced by an individual or company with the proper recovery tools.

Forslund suggests downloading and running free "" software online called DBAN, which Blancco supports financially, though the company claims not to profit from them.

But there are many other available tools, CCcleaner, Parted Magic, Active Kill Disk, and Disk Wipe, among them.

You can, of course, continue to manually delete files of sensitive documents or pictures, keeping in mind that doing so isn't foolproof either.

"It's like reading a book and removing the table of contents or the pointer in the file system to that file," says Forslund. "But the entire data in that file remains on the so anyone can download freeware recovery software, run it, and get all the back."

The other thing you might do is consider your risk. Are you likely to be targeted? Does your drive have personal stuff blended with stuff from your employer?

Even with tiny odds, consider how you'd react if private or sensitive information were to leak. And Forslund says bad actors do purchase second-hand equipment as "a good source of creating an opportunity as an attack towards a where you might be working."

(c)2019 USA Today
Distributed by Tribune Content Agency, LLC.

Citation: Selling an old computer on eBay? You may also be giving away data you thought you erased (2019, April 29) retrieved 1 December 2023 from
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.

Explore further

Update for Files by Google carries USB-OTG support


Feedback to editors