Go to Top

What is the black market value of your data?

In 2008 two big banks — The Royal Bank of Scotland (RBS) and NatWest — experienced a massive security breach. When an employee sold an old company computer on eBay, private data of over a million clients was compromised — their credit histories, details of their bank transfers and even their signatures leaked out. All of this valuable and sensitive data had been purchased for a mere £35. Two years later, in 2010, a similar story happened at NASA – the agency decided to sell redundant IT equipment left over from the defunded space programme. It soon turned out that many of those computers had contained ‘highly sensitive’ data, and the whole thing ended in a scandal.

Gigantic dumping grounds of e-waste, most of which are located in Africa, Asia and South America, are routinely scoured by professional scavengers who specialise in salvaging old equipment and retrieving valuable data left on old hard drives. In Ghana, Nigeria and Guatemala, old hard drives full of sensitive data collected by banks, the healthcare industry and e-commerce end up on piles of landfill. Some of that data could potentially compromise national security (of most countries, including the US), while some could no doubt compromise your personal online identity. All it takes to dig it out is a lot of free time and some determination.

There are plenty of takers for your bank accounts, infrastructure and personal data. Some of them might be closer to you than others, but they all know exactly what to look for. If you’re still not convinced that it’s worth your while to wipe your storage devices properly, just take a look at this list of things that could be found on them:

Data that exists on an incorrectly wiped data storage device:

Your data could be used to:

  • files that had been stored on them, including your private documents and those that you would never intend for anyone to see (smartphones often contain old picture galleries that can be quite… interesting)
  • identifying data of its owner, including physical address, logins and passwords, if they had been saved on the hard drive
  • communications history (if you had Outlook installed, your emails will be accessible; on a smartphone it’ll be your calls history as well as your text messages and emails)
  • your browsing history

·        logins and passwords saved within your browsers and applications

  • take over even more of your sensitive data
  • take over your company’s IT infrastructure
  • access you bank account
  • blackmail you
  • steal your identity
  • steal your intellectual property

·        take over your social media profiles

Being aware of the dangers and of your own vulnerability is the cornerstone of data security. You, your accounts, your devices and your data could become the target of a cyberattack at any minute. Are you prepared for that?

Do you know what the black market value of your data is?

The answer to that question depends on how much you have to lose. This is not complicated maths — your bank account balance, your reputation, your identity and the security of your company (delete where appropriate / select all that apply).

In the next post I will tell you exactly what and where a professional data scavenger could find given access to your hard drive. For now though, I’ll leave you to tally the damages that you could face if a hacker picks you as his next victim.

See you soon!

P.S. If you want to share any questions, doubts or comments about this series you can do so in the comment box below.

, , , , , , , , ,