Discarded Computers Can Lead to Identity Theft

The next time you get ready to buy that new, faster and more advanced computer, think twice before you throw out your old one. Something that may appear to have no use to you might actually have great potential for identity theft criminals. You could be handing these thieves a veritable gold mine of personal information that can include financial, banking and other sensitive data.

New evidence points to an emerging trade backed by disreputable computer dealers. These dealers are constantly on the lookout for computers that have been discarded. Their goal is to harvest these unwanted computers for the personal information that they contain on their hard drives. There are even those who rummage through trash cans while searching for used hard drives. In some cases, they’ll offer an owner a few dollars for the discarded computers. They consider this just the cost of doing business. Plus, it makes obtaining the discarded computer look a lot less suspicious.

Deleting files may not help

Computer experts point out that deleting your files, prior to discarding a computer, is simply not enough. There’s a good reason for this. The term “deleting a file” is a bit misleading. With most common operating systems, when you normally delete a file, by throwing it in the computers trash bin (and even emptying the trash bin), the file doesn’t actually go away. All that is happening is that the computer is making that hard drive space available to be overwritten, later. If that hard drive space is not overwritten, then the original files are still there. It doesn’t take much for a thief to access those files.

One way to avoid this danger is to invest in an inexpensive disk wiping software program. These are easily found on the market and should be used when you discard your computer. A disk wiping program will overwrite all the files on a hard drive, several times, with digital binary nonsense. It’s the equivalent of placing sensitive paper documents through a government-grade shredder.

Other options will include companies that specialize in the complete destruction of a computer or hand-held electronic device. For a fee, they will ensue that all of your personal data will be eliminated by grinding the devices into tiny pieces. You can also take your computer, or other electronic gear, to a recycling center that specializes in electronic devices. However, it’s important not to just leave your discarded computer outside a recycling center during off hours. This is a prime target for those who wish to pick up unguarded computers for criminal purposes.

It’s also ill advised to attempt to destroy the computer yourself. This is due to the fact that computers contain toxic substances that can have a negative impact on the environment or the owner. Proper disposal is therefore recommended.

If you believe that this may not affect you, then consider the case of a Nevada woman who purchased a used computer. Here, the state of Pennsylvania had sold used computer systems which happened to contain data that involved state employees. The computer she purchased held the prescription records of 2,000 Arizona pharmacy customers.

Two MIT graduate students offer further details

Over the course of two years, two Massachusetts Institute of Technology graduate students, Abhi Shelat and Simson Garfinkel, put together a group of 158 used computer hard drives. These were purchased for $5-$30 each on eBay and second hand computer shops.

It was noted that 129 of the hard drives were still functioning. Out of those, 69 hard drives had recoverable data. Out of the 69, 49 were shown to contain personal information that was “significant”. This included love letters, medical data, pornography and an astounding 5,000 credit card numbers. On one drive, there was an entire year’s worth of ATM account number transactions. That particular drive was not even formatted – but merely removed from the computer and sold.

Operating system solutions

As mentioned earlier, a computer will not automatically eradicate data by “deleting” the file. This is true for the most common operating systems such as Microsoft’s Windows and various UNIX systems. But even formatting an old hard drive may not be enough. In the previously mentioned MIT graduate student study, out of the 129 operational hard drives, 51 had been formatted. But out of those, 19 still had recoverable date. While UNIX provides a one-line command to completely obliterate unused data, it requires 3rd party software in other cases. The problem is that few individuals bother to go through the trouble.

But it has been pointed out that computer users should not have to choose between destroying their old systems or completely wiping their hard drives. In the future, operating systems may solve the problem. However, too many users like the idea of being able to recover their data whenever they wish. Unfortunately, it’s that potential of data recovery that identity thieves also count on

Notify of
Inline Feedbacks
View all comments

Jump to:

Would love your thoughts, please comment.x