/ Technology

What’s on your old hard drive? ‘Delete’ does not mean destroy

40
Profile photo of Rich Parris Rich Parris Which? Tech
Comments 40

Have you ever sold an old computer? Given it to charity? Or sent it to the scrapheap? If so, you could be among thousands of Brits who may have unwittingly put their personal data at risk in the process.

It’s a common misconception that ‘delete’ means ‘destroy’. In fact, with just a little expertise, deleted files can easily be recovered from old hard drives.

In an investigation conducted by Which? Computing, we purchased several second-hand hard drives online via eBay – some cost as little as £15 to pick up.

Using the kind of data recovery software that can be cheaply downloaded off the internet by anyone, we were able to recover over 2,500 files from the eleven hard drives we’d purchased. We recovered everything from personal photos, spreadsheets, music files to online chat conversation histories.

Our lab experts conducted this exercise under tightly-controlled conditions, and the recovered data was fully destroyed at the end of the investigation. But in the wrong hands, the same data could lead to ID theft, fraud or even blackmail.

The risks of recovered data

Have you ever saved a CV on to your computer’s hard drive? Ever done your online banking on your home computer, or saved copies of documents to do with your home finances? These are exactly the sorts of files that can be retrieved from an old hard drive if all precautions aren’t taken to destroy the data properly.

In our recent survey of 1,003 Which? readers, we found that many are potentially leaving themselves at risk when disposing of old computer equipment. Of those who had ever sold or recycled a computer, 53% deleted their files first, though only 38% said they’d emptied the Recycle Bin as well.

Crucially, only 43% of the respondents had removed a computer’s hard drive before disposing of it. When you’re dealing with your own private files, this is the most secure method of all for ensuring no one can recover your own data from your old computer.

Data destruction – how do you do it?

Keeping a library of old hard drives stored away at home may seem like a pain, but it beats the risk of leaving your files on an old hard drive when disposing of an old computer.

Alternatively, data-wiping software can help to permanently over-write your files, though this can often be complicated to use for the less computer-savvy.

The safest method of permanent destruction is to remove a hard drive and take a hammer to it until the disk is smashed to smithereens. Environmentally this isn’t great, and it can prove hard work, but it certainly makes things nigh-on impossible for data thieves.

Comments
40
Member
wavechange says:
28 May 2012

I have a failed terabyte external hard drive that has been gathering dust for more than a year. I lost no data because it was used to provide automatic back-up. I will eventually remove and destroy the two internal disk units or keep the working one as a spare for another external hard drive.

0
 |     Reply    Report
Share   
Hide replies ∧
Member
Em says:
28 May 2012

@wavechange – sounds like it’s a fairly recent drive if it’s a terabyte. Worth checking the manufacturer’s website – I had a 1TB Seagate drive fail and entered the serial number. Still had a year’s warranty to go and got a free exchange unit within a week of sending it off.

0
 |     Reply    Report
Share   
Member
wavechange says:
28 May 2012

Thanks for the sensible suggestion, Em. This LaCie drive was less than two years old when it failed.

This drive was used in my office at work and contained a lot of confidential data. Sending computers and drives can be a risky business because of the possibility that someone could access the data. I don’t believe that the disk units themselves were faulty, meaning that it could be very easy to harvest the data.

Fortunately it was not my money, but I would still be reluctant to send off a faulty drive even if I had paid for it.

0
 |     Reply    Report
Share   
Member
anon the mouse says:
28 May 2012

While a hammer is a fun way to destroy a hard disk, you can also drill a couple of holes completely through. This breaks the vacuum and also damages the platters.

If you are passing on an old hard disk consider getting a military grade disk wiper (google it). They are free and will overwrite every sector with junk data…. completely wiping anything on it but leaving it usable.

0
 |     Reply    Report
Share   
Hide replies ∧
Member
Em says:
28 May 2012

A hard drive is hermetically sealed to keep dust and other contaminants out, but it cannot work in a vacuum. In fact, it relies on a thin film of air to “fly” the heads and stop them crashing into the platter. I only mention this, as breaking the seal alone is not enough to stop data being accessed – at least for a short time.

Obviously, as anon has suggested, drilling holes in the platter will create enough damage to stop the drive being read, but if you don’t have a drill or a Torx driver to remove the lid, what then? If you examine the cover carefully, there may be areas covered in a soft aluminium film. Punch a few holes in these with a kitchen knife, then soak the drive in a bucket of salt water overnight. That should finish it off – both the electronics and the shiny platter holding the data.

0
 |     Reply    Report
Share   
Member
wavechange says:
28 May 2012

Em’s comment above makes me think about the dangers of sending a computer for repair. If there is a fault it may be impossible to even attempt to remove personal data.

There are various possible solutions but anyone who cannot repair their own computer should think about what would happen if their computer develops a fault. In the case of laptops there is a significant risk of theft or being damaged by being dropped.

0
 |     Reply    Report
Share   
Member
Oliver says:
29 May 2012

Leaving data on your had disk could be dangerous. Smashing hard drive requires efforts and time but doesn’t guarantee that data is now safe because there are some specialized data recovery firm like Stellar Phoenix, which is dedicated to provide data recovery services from smashed or malfunctioned hard drive.
Though, you can use some specialized disk wiping software to permanently delete the data.

0
 |     Reply    Report
Share   
Hide replies ∧
Member
wavechange says:
29 May 2012

Would anyone go to the length of trying to recover data from a smashed disk unless it was known to contain valuable information? What you are saying is possible but as likely as criminals breaking into banks to steal the small change. 🙂

Companies such as the one you mentioned can recover some or all of the data from faulty computer hard drives, though this is likely to cost a lot more than the replacement drive.

0
 |     Reply    Report
Share   
Member
Oliver says:
29 May 2012

Definitely you have to spend a bit more than the brand new hard drive but what option you have left to choose in the case if the data is so important to you and couldn’t suffer to loose. Remember, what I’m saying is about critical data loss situations and steps to get it back.

0
 |