PDF

304

Solutions

628

Contributors

A Portable Document Format (PDF) is a file format consisting of an electronic image resembling a printed document and can be viewed, printed, and electronically transmitted. PDF files can store various types of data, including formatted text, vector graphics, and raster images. The page layout defines the location, size, and shape of each page and each item on the page. The information looks the same no matter what device or program is used to open it.

Share tech news, updates, or what's on your mind.

Sign up to Post

Formatting a hard drive is enough security if giving a computer away - or is it?

I recently had cause to recount an experience with one of my clients several years ago at another forum.

A client of mine was once convinced that despite my advice, nothing short of forensic recovery would put his old data at risk when he decided to donate some old workstations to a youth hostel. He wanted me to just delete the partitions the OS was sitting on, format and reinstall Windows. I did that on one machine right in front of him. Then I asked him to give me a few hours with that box on my own.

I returned the machine to him several hours later, with PDF copies of a few of "his" clients Tax Returns (complete with Tax File numbers) and a variety of other highly sensitive data sitting on the computer's desktop ready for the reading on a freshly installed copy of Windows 7 Pro. The entire exercise took about 4 - 5 hours, less than 30 minutes of actual hands-on work on my part. He was so grateful for my taking the time to show him what he was risking that I scored a $200 voucher to a high-end restaurant in Melbourne on top of my fee. Some people just need to physically "see" the proof of the pudding in order to believe.

What's your take? Are you still finding people insist on knowing better? I'm contemplating writing an article on this topic, but it seems so obvious to me that I wonder if it's going to turn out to be a wasted effort?

Regards, Andrew
0
LVL 40

Expert Comment

by:BillDL
I bought a 2nd hand EIDE hard drive from a PC refurbisher on eBay many years ago.  There was an ID written on the label in felt-tip pen containing the letters "NHS".  This is a well known acronym for the National Health Service in the UK.  Out of curiosity I ran GetDataBack on it and recovered a massive amount of very confidential information relating to psychiatric patients at one of the NHS hospitals in the area where the eBay seller was located.

After many emails and phone calls I finally managed to speak with the IT manager who was responsible for phasing out old IT equipment and passing it on through a recycling / refurbishment company.  I told him that I had recovered a lot of highly personal data from a hard drive that had come from a PC at the named hospital and told him who I had bought it from so that he could review the procedures and companies used.  I was met with a patronising wall of denial accompanied by an explanation of how drives are securely wiped, and was more or less told that I was lying and perhaps trying to extort money.

I printed about 20 of the documents I had recovered and posted them to the patients' home addresses with an anonymous note saying that the information had been recovered from NHS IT equipment sold on eBay.

I felt quite satisfied that at least a few of those patients would demand an explanation from the NHS as to how the documents came into 3rd-party hands and that the IT Manager would most likely be grilled about it.  (Note: it wasn't Pete Long :-)
1
LVL 27

Expert Comment

by:Brian B
Trust no one. I have read accounts of personal data getting out when someone donated a system or gave it to a friend without first fully wiping the drive. Said drive was removed and never used and then put back into the system when it was passed on to the next person and surprise! Hacker got the data.
1
Introduction to R
LVL 13
Introduction to R

R is considered the predominant language for data scientist and statisticians. Learn how to use R for your own data science projects.

PDF

304

Solutions

628

Contributors

A Portable Document Format (PDF) is a file format consisting of an electronic image resembling a printed document and can be viewed, printed, and electronically transmitted. PDF files can store various types of data, including formatted text, vector graphics, and raster images. The page layout defines the location, size, and shape of each page and each item on the page. The information looks the same no matter what device or program is used to open it.