[geoff01]

The only surefire way to stop criminals stealing data from secondhand computers is to destroy the hard drive, a study by Which? Computing magazine has warned.

Even though people think they have wiped data from machines before they sell them on auction sites or put them onto rubbish tips, the files remain on the hard drives – and can contain vital information such as bank details and other personal data sufficient for identity theft. They can be recovered using specialist software that is widely available.

The magazine recovered 22,000 "deleted" files from eight computers which it bought from the auction site eBay – demonstrating that normal deletion is insufficient to remove the data.

Criminals source used computers in order to find such useful data, the magazine warned. "PCs contain more valuable personal information than ever as people increasingly shop online, use social networking sites and take digital photos," said Sarah Kidner, editor of Which? Computing. "Such information could bring identity thieves a hefty payday."

One Which? reader, Alexander Skipwith, had to pay £100 to get his hard drive back from a man purporting to be in Latvia: he emailed Skipwith with a personal photo to show that he had access to his hard drive, which contained bank statements and a mortgage application. Skipwith had previously been told that his faulty hard drive would be wiped of personal information when it was replaced by a computer manufacturer.

http://www.guardian.co.uk/technology...security-which