What are you giving away with your old computer?

Apr 26, 2012

11% of second-hand hard disks still have personal information on them. Find out how to keep your data safe.

The Information Commissioner's Office (ICO), which looks at information security in the UK, bought hard drives, mobile phones and memory sticks second-hand to check whether they had been properly wiped before being sold.

They managed to pull files from almost half of the 230 devices. One in ten held personal information that could be used for fraud, including scans of passports, bank statements and even medical records. And it wasn't just the owners of the disks that were at risk: some of them held personal information about employees or clients, rather than of the device's owner.

The problem is that just pressing 'delete', or even reformatting a disk, isn't enough to stop someone from accessing information. The data that makes up a 'deleted' file isn't actually removed from the disk. Instead, the computer notes that the file isn't needed any more and that the part of the disk it was on can be used for something else. If that part of the disk doesn't get used (for example, for saving other files) then specialist software can recover the original file.

Files can be securely deleted using programs which fill in the space on the disk with meaningless information. Alongside the research, the ICO has published a guide to getting rid of your data safely.