A whopping two-thirds of secondhand USB drives contain recoverable data from the previous owner, including some highly sensitive and personal information, according to a new study.
The study, done by the University of Hertfordshire and commissioned by Comparitech, said almost 70 percent of secondhand USB flash drives sold in the U.S. and U.K. still contain recoverable data from their previous owners. Researchers purchased 200 USB memory sticks – 100 in the US, 100 in the UK – from eBay, secondhand shops, and traditional auctions, Comparitech said.
Of the 100 drives purchased in the U.S., 64 had data deleted but it could easily be recovered. The corresponding number was 47 for the U.K.
“Researchers discovered a wide range of intimate, private, and sensitive files,” Paul Bischoff, a privacy advocate who writes for Comparitech.com, said. That includes nude photos, business documents, ID scans, job applications, wage slips, private memos, tax statements, receipts, and medical documents.
Details of some of the more notable recovered data includes:
The data recovered from secondhand USB drives could be exploited for phishing, identity theft, and extortion, Comparitech said.
“One of the criteria that the study applied to the recovered data was to ask ‘would this data be of value to a cybercriminal?’” Andrew Jones from the Cyber Security Centre at the University of Hertfordshire said. “If a person can be identified in sufficient detail — name, address, email, phone number — then this information has potential value to a criminal for identity theft.”
Jones said that data does not go away when you simply delete it or do a high-level format. And the onus is on the USB drive owner to make sure the data is not recoverable.
“Most people still believe that a simple delete will destroy the data and that is all they need to do,” Jones told Fox News via email.
“Media that has had a high-level format (quick format) is still vulnerable as the process does not overwrite the media. If a low-level format is undertaken then it does an effective job, but most people do not use it as it takes significantly longer than the quick format,” he added.
There are a number of tools already freely available, such as media wiping tools, encryption and formatting of media that will help completely erase data.
Signs You’ve Been Hacked Q: I have security software. I am good at not falling for scams. How do I know if my computer has been hacked? A: For a moment, put yourself in the hacker’s shoes. What do you want? Money, probably, but also information. You want to steal identities, so you can sell...
Google said Saturday that it works in areas that include recruiting, cybersecurity and health care in response to claims made by President Trump and top military officials that its work in China benefits the Chinese military. The president took a swipe at the tech giant in a tweet earlier Saturday, accusing Google of “helping China and...