What is the most valuable property you have? Your money? Your house? Your inheritance? No, it is your identity! If your identity is stolen, criminals may get access to everything, which rightfully belongs to you.
How your identity can be stolen? Criminals can get access to your personal data in multiple ways. While you are unable to control most of the paths of the personal data leaks, some people decide to do what they can – eliminate any individual data leaks from them and from their household.
Identity theft starts with the misuse of your personally identifying information such as your name and Social Security number, credit card numbers, or other financial account information. For identity thieves, this information is as good as gold.
Skilled identity thieves may use a variety of methods to get hold of your information, including:
- Dumpster Diving. They rummage through trash looking for bills or other paper with your personal information on it.
- Skimming. They steal credit/debit card numbers by using a special storage device when processing your card.
- Phishing. They pretend to be financial institutions or companies and send spam or pop-up messages to get you to reveal your personal information.
- Changing Your Address. They divert your billing statements to another location by completing a change of address form.
- Old-Fashioned Stealing. They steal wallets and purses; mail, including bank and credit card statements; pre-approved credit offers; and new checks or tax information. They steal personnel records, or bribe employees who have access.
- Pretexting. They use false pretenses to obtain your personal information from financial institutions, telephone companies, and other sources.
I personally think that are just being paranoid on shredding everything, since in the modern society it is much easier to steal multiple people information from central locations, like banks, insurance companies, HR, and so on, than to dig in the garbage cans in hope that you have not shredded your sensitive documents. There is even undercover online market for the stolen identities, so one criminal can buy your identity from another criminal, like any other product.
Hard drive as security breach
While identity theft is a topic for entire blog, in this post, we will just review a small aspect, related to the topic from our computer perspectives – in particular, on how to remove the sensitive data from your Hard Drive, before you dispose or sell it on eBay for any reasons.
A study by Simson Garfinkel, author of Database Nation, found that drives purchased on eBay routinely contain sensitive or confidential data. Garfinkel was able to purchase an old ATM machine hard drive on eBay that contained 827 unique account PIN numbers. He purchased another drive on eBay that had previously been owned by a medical center. That drive contained information on 31,000 credit card numbers.
Before you get rid of an old hard drive or computer, you need to make sure the data on the drive is impossible to recover. Frankly, data is almost always recoverable to some degree, but with the proper precautions you can at least make sure that Joe Shmoe who bought your hard drive from your garage sale can't access your Quicken financial information.
Simply erasing all the data on your hard drive and formatting it is not enough security. You can spend hours going through your hard drive and deleting all the files and documents you want, but using the delete key on your keyboard in Windows will only remove the shortcuts to the files making them invisible to users. Deleted files still reside on the hard drive and a quick Google search will show many options for system recovery software will allow anyone to reinstate that data.
When you erase/delete a file from your computer, it's not really gone until the areas of the disk it used are overwritten by new information. If you use the normal Windows delete function, the "deleted" file is sent to the Recycle Bin until the space it uses is required by other files. If you use Shift-Delete to bypass the Recycle Bin, the space occupied by the file is marked as available for other files. However, the file could be recovered days or even weeks later with third-party data recovery software. As long as the operating system does not reuse the space occupied by a file with another file, the "deleted" file can be recovered.
With SSDs, the erased file situation is even more complex. SSDs store data in blocks rather than in sectors as with magnetic storage. Overwriting a block was previously used involves copying the contents of the block to cache, wiping the block's contents, delete the block to be overwritten from cache, writing the new data to cache, and rewriting the block with the new data. As an SSD is used with files that are deleted or changed frequently, the performance can drop unless the drive (and operating system) support a technology called TRIM that wipes out deleted data blocks as soon as the file using the blocks is deleted. TRIM is supported by Windows 7 and by some late model SSDs, but not by older Windows versions.
Formatting the hard drive is a bit more secure than simply erasing the files. Formatting a disk does not erase the data on the disk, only the address tables. It makes it much more difficult to recover the files. However a computer specialist would be able to recover most or all the data that was on the disk before the reformat.
For those who accidentally reformat a hard disk, being able to recover most or all the data that was on the disk is a good thing. However, if you're preparing a system for retirement to charity or any other organization, this obviously makes you more vulnerable to data theft.
For some businesses and individual users, a disk format may be something you consider secure enough, depending, of course, on the type of data and information you saved to your computer. As long as people understand that formatting is not a 100 percent secure way to completely remove all data from your computer, then they are able to make the choice between formatting and even more secure methods. If you have decided a disk format is a good choice, at the very least to do a full format rather than a quick format.
Therefore, to be sure that your data is removed beyond all practical ability to recover it, you should use a special wiping or erasing utility. These tools overwrite every sector of the hard drive with binary 1's and 0's. Those that meet government security standards even overwrite each sector multiple times for added protection.
We will review several wiping utilities later in the software section of the blog, but there is indeed one secure method, you can apply without computer knowledge, additional utilities, or even understanding how the hard drive works at all.
One of the surest ways to achieve data elimination forever is just physical destruction of the hard drive. Clearly, this is only an option if you are going to dispose of the drive afterwards.
There are a few ways to go about this. You could get some high powered magnets and wipe the drive a few times with them. This scrambles all the data that is written magnetically on the disk.
Another option is to wail on the drive a few times with a hammer. Please remember to wear proper safety accessories such as safety glasses when using tools.
Finally, you can always take the drive apart to make sure the disk gets completely demolished. To do this though, you will probably need a special T9 torx screwdriver. Or, you can try to simply pry the thing apart, but please, as before, use proper safety measures.
On top of making sure you completely confident your information is gone, this can work out to be a good stress reliever.
Sources and Additional Information: