Less Than 3% of Recycled Computing Devices Properly Wiped

  /     /     /  
Publicated : 23/11/2024   Category : security


Less Than 3% of Recycled Computing Devices Properly Wiped


Researchers find that companies that refurbish or accept old equipment as donations dont necessarily clean them of data as promised.



Heres some eyepopping data about the computing devices that wind up at businesses that refurbish computers or accept donated devices: Out of 85 devices tested by researchers at Rapid7, only two were wiped properly – and three were encrypted.
Tod Beardsley, director of research at Rapid7, says the study was the brainchild of Josh Frantz, a senior security consultant at Rapid7, who made the project a labor of love on nights and weekends.
Frantz tested desktops, laptops, removable media, hard drives, and cell phones from 31 businesses around his home in Wisconsin. He spent about $600 on the equipment. At the end of the six-month project, he found that many of the refurbishing and donation businesses dont actually wipe data from those devices as promised.
One of the big problems with the devices that wind up at these place is that its often hard to distinguish between work and personal devices today because so many people mix their personal and work lives, Beardsley says. From an IT perspective, its really important for corporate IT departments to set a policy that when the company refreshes devices that they all get wiped before the employee receives the new device. And for personal devices like a smartphone, its much easier today to wipe a phone and return it to the factory settings.
In a
blog
posted by Rapid7 earlier this week, Frantz reported some of his findings. Data found on the exposed devices included the following:
41 Social Security numbers
19 credit card numbers
Two passport numbers
147,000 emails
214,000 images/photos
Frank Dickson, a research vice president at IDC, says its actually surprising that Rapid7 found any computers that were properly wiped. He says companies should be careful about everything from old ATM machines (not all ATMs are properly managed by banks), printers, fax machines, computers, and smartphones.
With printers, for example, the company may have it on a lease so they have to be sure to wipe the data on those printers before it goes back to the leasing company, Dickson says. While it’s not clear how large a threat vector this is, the opportunity is there. This is one of easiest security issues to solve. You just have to remove the threat.
If you dont have time to wipe the device, use a hammer.
Related Content:
65% of Resold Memory Cards Still Pack Personal Data
6 Questions to Ask While Buying a Connected Car
More Than Half of IT Pros Employ Insecure Data Wiping Methods
New Consortium Promotes Proper Data Sanitization Practices

Last News

▸ Car Sector Speeds Up In Security. ◂
Discovered: 23/12/2024
Category: security

▸ Making use of a homemade Android army ◂
Discovered: 23/12/2024
Category: security

▸ CryptoWall is more widespread but less lucrative than CryptoLocker. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Less Than 3% of Recycled Computing Devices Properly Wiped