As shocking as the security blunder reported in yesterday's Daily Telegraph was, organisations would do well not to dismiss it as a one-off blunder.
Studies conducted by BT and the University of Glamorgan over the last four years have revealed that over a third of computer hard disks bought on the second hand market contain undeleted sensitive information. A copy of the report can be found at:
http://menchi.labs.bt.com/wiki/images/5/5c/Analysis_of_Information_Remaining_on_Disks_-_2007.pdf
Mirroring this incident, the information the researcher found on the analysed hard drives included salary details, financial company data, bank and credit account details and medical data.
When organisations dispose of surplus and obsolete computers, they must ensure that adequate procedures are in place to destroy and not just delete personal and sensitive data held on them. The technology for doing so is readily available on the market and
is not prohibitively expensive - there is no excuse for these types of mistakes.