Similar to shredding physical files, electronic data must be destroyed properly. Simply deleting and even formatting a hard drive or data storage device is not enough. Just like confidential papers must be shredded to prevent dumpster diving, so electronic data must also be destroyed to prevent data mining.
Case Study
"In a study of ten used hard drives, either bought from resellers or salvaged from town dumps, all but one of these drives yielded an array of sensitive data. Confidential business, medical, and legal records: even Social Security, credit card, and bank account numbers all were easily located on the used hard drives.
Most of the information was easy to find even on four of the used hard drives whose previous owners had attempted to erase the data by deleting files or by formatting the drive. Those measures simply conceal the data from the operating system. Not surprisingly, the original owners were shocked when they learned strangers had accessed their information.
One of the hard drives previously owned by an accountant had four years worth of clients' payroll, tax information, and employee Social Security numbers. An IT consultant had "properly" destroyed the data on the used hard drive."
PC World Magazine
May 2003
Make sure confidential data is destroyed properly, contact eBastille. 405.691.5474