Sophos recommends firms and home users are careful about how they
dispose of old computers.
IT security and control firm Sophos has reminded organizations
and home users of the importance of securely disposing of computer
equipment, in light of the arrest of a man accused of attempting to
blackmail Formula One racing drivers Adrian Sutil and Lewis
Hamilton.
German police are
reported to have arrested a man who is alleged to have tried to
sell a hard disk which had belonged to Sutil, and contained
personal information, details of Swiss bank account transactions,
photographs, and private correspondence between the 25-year-old
German who drives for Force India and his racing ace friend, Lewis
Hamilton.
The suspect, who has only been named as "Dieter", was arrested
by undercover detectives at an autobahn service station outside
Munich as he tried to sell the disk to Bild Motorsport magazine for
10,000 Euros (approximately £8,000).
"This is a timely reminder to businesses and individuals alike
that if you are disposing of an old computer make sure you securely
wipe its hard drive first. Whether you are taking the PC down to
the garbage tip, selling it onto a friend, or giving it to charity,
it is critical that the data on it is properly overwritten and
permanently erased," said Graham
Cluley, senior technology consultant for Sophos. "This is
computer security 101. Identity thieves have been known to hang
around junkyards picking up old computers just minutes after they
have been dropped off, and then using data recovery tools to see if
financial records, passwords and other information useful for
stealing identities can be unearthed. And if you're a business or
mega-rich celebrity such as a Formula One driver the losses can be
even more acute."
Sophos experts believe that if Adrian Sutil's father Jorge had
properly erased the contents of the computer when he disposed of it
a year ago, the racing drivers would not have been at risk of
blackmail.
"Deleting a file doesn't necessarily mean that it's really gone
- and a computer-savvy con-man using simple tools can often bring
information back from the dead. To properly defend yourself you
need to make sure your hard drive data has been overwritten,
preferably multiple times. That's why Government offices are told
to use military-grade erasure software to ensure that data cannot
be recovered by criminals from dumped PCs," continued Cluley.
"Businesses also need to have a strict policy in place about how
they deal with old computers, hard drives and storage devices to
ensure that sensitive information does not fall into the wrong
hands."
Dieter faces charges of attempted blackmail and possession of
stolen personal data. If found guilty, he could face a maximum of
up to five years in jail.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.