http://news.bbc.co.uk/2/hi/business/4790293.stm 14 August 2006 Bank account details belonging to thousands of Britons are being sold in West Africa for less than £20 each, the BBC's Real Story programme has found. It discovered that fraudsters in Nigeria were able to find internet banking data stored on recycled PCs sent from the UK to Africa. The information can be found on a PC's hard disk, which is easy to access if the drive is not wiped before sending. Anti-fraud expert Owen Roberts said simply deleting files was not enough. Users should instead use a programme to wipe their hard drive before they sell or give away their PC, a process which over-writes what is already contained on the drive. Alternatively, people should remove their hard drives before they give away their computers, he said. 'Surprisingly easy' "It is surprising how easy it is to obtain documents people leave on their computers," said Mr Roberts, who is head of identity fraud at CPP Group. Real Story found that second-hand computers from all over the developed world could be found in virtually every PC market in Nigeria's commercial capital of Lagos. It said that while there was a genuine market for second-hand PCs in West Africa, identity fraud was a real problem. Many of the PCs it found on sale in Lagos had come from UK council recycling points. People are still being urged to give away their old PCs, but only after they have wiped the hard drive - not just to remove any bank details but also other personal information such as home addresses. The Information Commissioner's Office, the UK government's regulatory office dealing with data protection, said companies had a legal requirement to delete people's personal information from their computers when it was no longer needed. "It is essential that companies have appropriate procedures in place to ensure that personal records on computer hard drives are rendered unrecoverable when they dispose of computer equipment," said Assistant Commissioner Phil Jones. "Under the Data Protection Act companies have a duty to store personal information securely and delete it when it is no longer required." Real Story's investigation into the risk of identity theft from old PCs is broadcast on BBC 1 at 19:30 on Monday, 14 August. _________________________________ Visit the InfoSec News store! http://www.shopinfosecnews.org
This archive was generated by hypermail 2.1.3 : Tue Aug 15 2006 - 01:43:26 PDT