Personal data on used devices is a threat to the seller and buyer

Kaspersky Lab experts conducted a study and found that used devices often have confidential data of previous owners.

At the end of 2020, the team of the Kaspersky Lab Center for Global Research and Threat Analysis (GReAT) decided to check how secure used devices are. Leading specialists in the DACH region (Germany, Austria, Switzerland) Marco Preuss and Christian Funk studied used laptops, hard drives, memory cards and other media for two months.

Experts examined the data that remains on used laptops and drives sold. What traces can the seller leave behind? Will the buyer be able to get rid of them and use a used device as well as a new one? Will a used device be safe if it is not cleaned?

How often does the user’s data remain on used devices

At least some remnants of data were found on the vast majority of the studied devices. Mostly it was personal information, but there was also corporate information. Researchers managed to immediately access the data of the former owner on more than 16% of the devices. The experts managed to restore the erased information on 74% of used media and computers using the file carving method. And only 11% were properly cleaned.

Marco Preuss and Christian Funk found various data on used devices — from potentially harmless to confidential and extremely sensitive: calendar entries, meeting minutes, credentials for accessing corporate resources and internal documents of organizations, personal photos, medical information, tax documents and much more. Christian Funk emphasizes that personal data never loses value: if you suddenly sell a carrier with confidential information, you will not be able to just wait and relax over time if nothing happens. Feeling safe does not mean that you are safe.

Contact lists, tax documents and medical records (or access to them using saved passwords) can be used directly by attackers. But there is also data on used devices that can cause damage indirectly. Cybercriminals even collect profile information and posts on social networks for their frauds, but the contents of a digital device are much more informative.


Learn More →