Bill Kerridge is a pub owner who runs an award-winning pub in North Shields, northern England, and whose daughter is a talented gymnast.
Normally, Kerridge would be happy for the readers of a national newspaper to know those details, but this time he was not, because along with a wealth of other information relating to his family, the data was recovered from a computer hard drive bought over the Internet via eBay that the Kerridges knew nothing about.
The news that such personal information about his family holidays, his eldest daughter's training regime and details of his business had been recovered as part of an investigation by British Telecom (BT), data destruction specialists Life Cycle Services and researchers at Glamorgan University has shocked Kerridge.
Richard Martin, 53, was another individual who felt the same way. A hard drive from a personal computer that he had thought he had disposed of properly yielded highly personal letters relating to his financial affairs, including details of bank accounts and insurance claims.
Information of this kind is potential gold for the UK's fastest growing crime trend: identity theft.
"I think that this is shocking, that there is information like this going around about my family," Kerridge said.
"Basically I think that there should be a lot more information made available to people on how to destroy the data on their computers. I wouldn't know the first thing about how you would go about destroying this data," he said.
Martin had given his computer to the information-technology (IT) department of Man Trucks, the company he was working for, and asked them to destroy it. Both Kerridge and Martin are fairly typical of the bulk of the UK population who see the value of new technology in the computer rather than the data it is able to process, obtain and retain.
This is a potentially fatal error given the close relationship that now exists between computers and ourselves, as Kerridge's case has proved.
As the university's forensic team conducted the research, it peeled back the layers on the disk. Web searches, phone numbers of employees, e-mail conversations and details of their daughter's boyfriends -- all spilled onto the university computers.
There was enough data for a would-be identity thief to garner more information by ringing up those people identified and "socially engineer" more relevant details.
In the case of Rob Morris, a 38-year-old IT worker from Swindon in southwest England, it could have been even more damaging. Details of his mobile phone account were found on a disk that had been disposed of by Vodafone -- which bought the company he worked for, Cellular Operations, in 2003.
According to Morris, Cellular Operations also held crucial personal details such as his date of birth and credit card records on the discarded disk.
"When Cellular Operations was taken over by Vodafone they were only interested in the subscriber base -- they got rid of the buildings, the computers and the people," he said.
"It's a bit worrying that a company like Vodafone has not disposed of it properly," Morris said.
It is also potentially illegal and could lay Vodafone open to prosecution by anyone who finds that poor safeguards on their personal data have led to losses from ID thieves or hackers -- a risk highlighted by UK Information Commissioner Richard Thomas in his annual report in May this year.
"My office has exposed an alarming trade in illegally obtained personal information," he said. "Impersonation and bribery are used to get inside information ranging from car registration details to bank records."
Being careless with personal information also breaks the UK's Data Protection Act (DPA), a point forcibly made by a spokeswoman for the country's Information Commissioner.
She said: "With the widespread use of technology and the constant updating of systems, it is imperative that information about individuals is kept secure at all times, which is why we have the DPA."
Despite the DPA's protection, research by BT and Lifecycle Services uncovered huge amounts of company information from Man Trucks, a German transport manufacturer that has its UK headquarters in Swindon.
The company, which has a worldwide workforce of 58,000 and sales of 14.7 billion euros (US$18.7 billion), had again disposed of hard drives from computers that contained highly detailed company information, including personal details on staff payroll, internal contact details, internal planning and strategy documents, written warnings to staff and copies of invoices and orders.
Sufficient information had also been recovered on the company's computer network to allow the multinational to be effectively hacked, and indeed one disk appeared to show that a Trojan had been installed on a manager's computer.
"A Trojan program is one that lets a hacker siphon information out of a computer and the Man Truck disk that we looked at showed that the computer had been turned into a server that was using port 8182, which is very unusual," said Andrew Blyth, who oversaw the Glamorgan research.
Which is the sort of insight Blyth was hoping that the cast-off computer hard drives would turn up.
"This fits in with ongoing research that is being carried out here by out specialist forensics team into the business and personal impact of people not disposing of their data properly," he said.
"People have got the message with personal information and how they should use it online, but they have not got the idea with the electronic information that is stored on their computers. They think that when they hit delete that the data fairy comes along and the information is wiped off forever," Blyth said.
The research showed just how many people believe in the data fairy: though 41 percent of the disks were unreadable, 20 percent contained sufficient information to identify individuals and 5 percent of the disks held commercial information on UK organizations.
There was also illegal information with 5 percent of the disks holding "illicit data" and 1 percent of the disks bearing pedophile information.
"This is the second time we've done this research and it shows that businesses are neither taking adequate precautions nor meeting their obligations," said Andrew Jones, BT Exact's head of technology research.
"Given the rise in ID theft we need to do better, and finding out things like that is the point of the research," he said.
Just how compromising and thorough the information stored on computers can be was demonstrated by data obtained from disks belonging to Port Weller Dry Dock, a Canadian ship building company.
On the drives was information that showed the company's details on a bid for the US Navy's top secret DD21 destroyer program, part of a US defense program intended to equip the US Navy for the 21st century.
There were also details that compromised one company employee, showing him to be a closet transvestite and potentially leaving him open to blackmail -- once again showing just how intimate the relationship with our computers has become.
Jon Godfrey, managing director of Life Cycle Services, which recycles computers and destroys any data left on them, said: "The thing about computers is that they hold a complete personal profile and they compile it over a number of years and then people just throw them away with that slice of their lives on them."
"People get worried about losing data on computers but they don't realize that erasure is as important as retention. The survey shows that the commercial sector is still chronically ignorant of the destruction and retention of data, and our experience is that the problem is actually worse than the study suggests," Godfrey said.
The gutting of Voice of America (VOA) and Radio Free Asia (RFA) by US President Donald Trump’s administration poses a serious threat to the global voice of freedom, particularly for those living under authoritarian regimes such as China. The US — hailed as the model of liberal democracy — has the moral responsibility to uphold the values it champions. In undermining these institutions, the US risks diminishing its “soft power,” a pivotal pillar of its global influence. VOA Tibetan and RFA Tibetan played an enormous role in promoting the strong image of the US in and outside Tibet. On VOA Tibetan,
Sung Chien-liang (宋建樑), the leader of the Chinese Nationalist Party’s (KMT) efforts to recall Democratic Progressive Party (DPP) Legislator Lee Kun-cheng (李坤城), caused a national outrage and drew diplomatic condemnation on Tuesday after he arrived at the New Taipei City District Prosecutors’ Office dressed in a Nazi uniform. Sung performed a Nazi salute and carried a copy of Adolf Hitler’s Mein Kampf as he arrived to be questioned over allegations of signature forgery in the recall petition. The KMT’s response to the incident has shown a striking lack of contrition and decency. Rather than apologizing and distancing itself from Sung’s actions,
US President Trump weighed into the state of America’s semiconductor manufacturing when he declared, “They [Taiwan] stole it from us. They took it from us, and I don’t blame them. I give them credit.” At a prior White House event President Trump hosted TSMC chairman C.C. Wei (魏哲家), head of the world’s largest and most advanced chip manufacturer, to announce a commitment to invest US$100 billion in America. The president then shifted his previously critical rhetoric on Taiwan and put off tariffs on its chips. Now we learn that the Trump Administration is conducting a “trade investigation” on semiconductors which
By now, most of Taiwan has heard Taipei Mayor Chiang Wan-an’s (蔣萬安) threats to initiate a vote of no confidence against the Cabinet. His rationale is that the Democratic Progressive Party (DPP)-led government’s investigation into alleged signature forgery in the Chinese Nationalist Party’s (KMT) recall campaign constitutes “political persecution.” I sincerely hope he goes through with it. The opposition currently holds a majority in the Legislative Yuan, so the initiation of a no-confidence motion and its passage should be entirely within reach. If Chiang truly believes that the government is overreaching, abusing its power and targeting political opponents — then
RSS