Corporates appear to be becoming more diligent about wiping sensitive company data from their PCs.
When Computerworld handed over three used PCs to Computer Forensics in September last year to check, the Auckland data recovery company retrieved all sorts of data that shouldn’t have still been there.
One of the PCs, bought from an Auckland used computer dealer, included correspondence in the name of former prime minister Jenny Shipley and senior bureaucrats. A second PC was apparently owned by finance company AVCO, bought last year by GE Finance, and contained internal documents and letters to mortage holders sent from the firm’s Dunedin office.
However, when we recently gave Computer Forensics a secondhand notebook to go over, the previous owner’s data had been properly wiped, says Computer Forensics managing director Brian Eardley-Wilmot.
“As far as we can tell, there’s been a formal wipe process carried out. There were fragments of an old system file, which shows it wasn’t a perfect wipe, but there wasn’t anything we could get any sense out of.”
The Toshiba notebook, bought at auction six weeks ago by Computerworld, was one of many of the same type, which suggests had been part of a corporate computer network.
Eardley-Wilmot concurs, saying the wipe was probably carried out by “a large corporate that was upgrading”. The former owners would have “taken the [residual data] problem on board and done the responsible thing and wiped it.”