It should be 101 stuff: before you dispose of a server, drive or mobile phone, you wipe all the information from it. But has it really disappeared? Data recovery firm Kroll Ontrack purchased three “wiped” items of hardware online, and found easily restored data on all three of them.
Kroll Ontrack tested a second-hand laptop, rack mounter server and iPhone which had been advertised as “wiped of data”. Only the laptop was actually clean. In a press release, APAC general manager Adrian Briscoe explained what was discovered:
The iPhone contained personal text messages and images that had not been erased before it was being offered online. While the server and laptop had been subjected to some data erasing, the server had approximately 55GB of recoverable data in more than 70,000 files. We found data on the server, and were able to identify its previous owner, an Australian financial services company. We suspect the company had more than one of these servers and had wiped some drives, partially wiped others, and then shuffled drives around between the servers before selling them.
The lesson? Data erasure requires a little more effort than just a basic delete command. Check the video for more information on the experiment.