It can be very tempting to sell an old hard disk drive to get a bit of money back, instead of simply throwing it out. If you are going to go down this route, you should take the necessary steps to completely purge the drive of all data, especially if it contains personal data like bank details and identification.
Blancco Technology Group, experts in secure data erasure, conducted a study on 200 old hard drives that they randomly purchased online. They wanted to find out how much data, if any, could be recovered from the drives, and if any was of a personal nature. While their results were very shocking, they were hardly surprising. They found that 67% of the drives they purchased from eBay and Craigslist contained data, with much of it personal like financial information.
Perhaps more worrying, though, Blancco found that 11% of the hard drives that contained residual data were from businesses, with the data including financial information, staff emails and other private company data. This has huge data protection implications, particularly with regards to the Data Protection Act of 1998, which has incredibly strict guidelines on handing private data.
Second hand hard drives are often collected by cyber-criminals solely to retrieve personal information, so it can’t be stressed how important it is to securely erase a drive before selling it. Removing data permanently from a drive is done through a process known as sanitisation; simply deleting files won’t do the trick. When you use the default programs on Windows and Mac machines – Disk Management and Disk Utility respectively – to delete data, it doesn’t actually securely wipe the storage media. Until new data is written onto the drive by the operating system, it can still be recovered, either by home users with software or by a data recovery specialist.
A good tool to completely sanitise your hard drive is DBAN, a free data destruction program. DBAN deletes all files on the storage media and replaces it with dummy data, ensuring it won’t be recoverable. DBAN allows you to completely sanitise an internal hard drive or solid state drive, or removable storage like a USB flash drive or an SD card.