Data protection watchdog claims more than 10 per cent of sold-on hard drives contain previous owner's data.
More than one in ten second-hand hard drives contains recoverable data belonging to the original owner, claims research from the Information Commissioner’s Office.
The data protection watchdog asked computer forensics firm, NCC Group, to acquire 200 hard drives, 20 memory sticks and 10 mobile phones from online auctions and trade fairs.
The haul of devices was then trawled through using freely available forensics tools. It was then discovered that 11 per cent of the hard drives contained personal data from the previous owner.
At least two thirds of the drives contained enough information - including bank statements, passports and medical records - for criminals to steal the owner’s identity.
Christopher Graham, the Information Commissioner, said: “We live in a world where personal and company information is a highly valuable commodity. It is important that people do everything they can to stop their details from falling into the wrong hands.
“Today’s findings show that people are in danger of becoming a soft touch for online fraudsters simply because organisations and individuals are failing to ensure the secure deletion of the data held on their old storage devices.”
Graham Cluley, senior technology consultant at security vendor Sophos, said the deletion of data on old devices is not always the responsibility of the previous owner.
“It can be that they've trusted a third party organisation to handle the secure disposal of assets,” he said. “But it's always us, the unfortunate member of the public, who is most exposed by the sloppy practice.”
He said, although many companies go to great lengths to dispose of old computer equipment responsibly, there's clearly still more work to be done.
“Once again, it's time for users and companies to consider the benefits of fully encrypting their hard drives as well as getting in the habit of securely wiping drives as they are junked,” Cluley added.