75,000 ‘Deleted’ Files Found On Discarded USB Drives

Cybersecurity researchers discovered about 75,000 files after buying 100 USB drives on an internet auction site, according to BBC News. Tax returns, contracts and bank statements were among the “deleted” files recovered by Abertay University investigators from the used drives, and some even contained files named “passwords” and images with embedded location data. All but two of the drives appeared empty, but the team said it had been “worryingly easy” to retrieve data, as they used “publicly-available tools” to retrieve the sensitive information. They added that only 32 of the drives had been properly wiped, while partial files were extracted from 26 devices, and every single file was extracted from the remaining 42 USB drives.

2 Expert Comments
Jon Fielding, Managing Director EMEA
InfoSec Expert
November 5, 2020 1:53 pm

This is a prime example of user error and the risks of not encrypting sensitive data. The researchers who purchased these devices used “publicly-available tools” to easily retrieve the sensitive information. If these devices had been encrypted, or even better, if they were encrypted with a reset and/or “self-destruct” feature that removes the encryption key when executed, the data could not have been accessed. Any USB device that contains files determined to be of “high sensitivity” should always be encrypted.

Without encryption, the end result is that if these devices are lost, stolen, or in this case, sold, they could very easily land in unscrupulous hands with serious repercussions. Whether it be personal data, intellectual property or corporate sensitive information, simply using encrypted USB devices will ensure that even when files are deleted, these cannot be retrieved and the contents remain obscured and inaccessible.

Jake Moore, Cybersecurity Specialist
InfoSec Expert
November 5, 2020 10:07 am

Data can be very easily retrieved with specialist software, so people must be careful when selling secondhand devices and hard drives. If sensitive data has ever been on a device, it is possible that it will be recovered at a later date – even if the device has been wiped. Leaving highly sensitive data on USBs and then selling them highlights a lack of awareness around data protection, and also puts those connected to the data at risk. Businesses must comply with certain rules about destroying data, and consumers must think twice before selling anything that may have sensitive data on it.

If individuals are concerned about the potential contents of discarded or lost USB drives, I would urge them to encrypt their devices in case they are ever misplaced.
