Skip to Content
Security & privacy

This major online retailer has private data for sale

Data breaches are on the rise, and everyone is looking for someone to point the finger at. In most cases, rogue hackers or hostile governments can be blamed for major cybercrimes. Sometimes, however, the fault lies squarely on the shoulders of user error.

At this point in time, deleting your personal data should be second nature when selling computer hardware. Sadly, one of the biggest online marketplaces is showing staggering levels of data incompetence from its users. A significant amount of storage devices for sale are being found with personal information still intact. The worst part: Companies are selling used equipment without erasing data from customers.

Not only does data negligence threaten your own livelihood, but also puts innocent people in situations that might be uncomfortable or compromising. The fact that third-party companies are failing to remove user data from devices they’re selling is even more alarming — and can lead to major privacy and financial consequences for everyone involved.

Bid on user data — or “Buy it Now” for cheap!

eBay is currently one of the largest marketplaces on the internet for used and like-new electronics. It can be a good feeling to pass on your old equipment to an interested party, but ignoring data security can be disastrous. Surprisingly, this isn’t as uncommon as you’d think.

Analysts at Blancco Technology group reported that sensitive information has been found on a whopping 42% of hard drives purchased from eBay in the U.S., U.K., Finland, and Germany. This information included personal data like passports, birth certificates, office emails, and internal company schedules.

In fact, one of the hard drives purchased contained software belonging to a U.S. government insider with high security clearances. This means unsafe data practices can potentially lead to national security issues if not confronted and addressed.

This study not only included items sold by individual sellers, but items sold by third-party companies that specialize in brokering used electronics. The study determined that relying on these entities to properly secure your data when inspecting hardware is unreliable, and the burden should fall on the original owner before they give up old equipment.

How can I protect my data if I sell second hand?

It’s not very likely that criminals will purchase hard drives en masse to steal private data. After all, hacking is far more fun and lucrative for data thieves.

Imagine, however, if your personal information fell into the hands of an ordinary person with a less-than-stellar moral compass.

They might be tempted to withdraw $100 here and there from your bank account, read through your private email drama for entertainment, or worse: sell your data to proper thieves to keep their own hands clean. This is all completely possible if you disregard the importance of protecting data.

So what’s an aspiring seller to do? The simplest way to protect yourself is to take matters into your own hands and erase all of your data before selling anything secondhand. Thankfully, when it comes to smartphones, most manufacturers and sellers force you to “reformat” your device before they can buy it from you. The same logic should apply to every device you put up for sale as well.

Even if the used computer store you’re selling to has an explicit data-deletion policy, it’s still wise to rely on yourself over others. Heavy traffic in the store can lead to employees being careless and forgetting to remove your data, for example. Life happens, and it’s best not to take your chances when it comes to your personal information.

Komando Community background

Join the Komando Community

Get even more know-how in the Komando Community! Here, you can enjoy The Kim Komando Show on your schedule, read Kim's eBooks for free, ask your tech questions in the Forum — and so much more.

Try it for 30 days