Recently, a study commissioned in Australia by the National Association for Information Destruction (NAID®), the international trade association for companies providing information destruction services, has found significant amounts of personal information left on recycled computers. For the organizations recycling their drives, this is a data breach problem. For individuals and clients of those organizations, their most private information is at risk.
NAID purchased 52 recycled computer hard drives from various publicly available sources like eBay and hired a forensic investigator to determine whether confidential information was able to be retrieved. Through this study, the investigator was able to retrieve sensitive client files and personal information. Had the data been properly erased, it could not have been retrieved.
The types of information found on the hard drives ranged from spreadsheets of clients’ and account holders’ personal information to confidential client correspondence and billing information. Some files even included personal medical information and images of a highly personal nature.
People all over the world have the ability to acquire hard drives like these. If your organization’s hard drives are getting recycled without the data being completely removed, sensitive information could fall into the wrong hands, putting both your organization and your clients at risk. This is why we chose physical destruction by shredding (or incineration for certain media such as microfiche) as our preferred method of data destruction.
When it comes to data destruction, don’t risk a data breach. Learn more about our data destruction services.
The complete NAID study is available here.
image via husseinabdallah on flickr