Two researchers of the University of Northern Iowa discovered that second hand USB drives often contain confidential and private information. The researchers were able to recover information with forensic software and by disassembling the USB drives.
Mojtaba Al Fardan and Dr. Sarah Diesburg bought 119 used USB drives from Amazon and Ebay and checked whether they could recover data from the drives. USB drives consist of NAND memory (the same is used in SSDs) combined with a microcontroller. According to the researchers, “the microcontroller can hide access to data stored on the NAND flash memory chip and that hidden data cannot be easily deleted”.
Due to that they were able to gain access to data that the previous owners thought they’d deleted. Although one might think everyone would clear their data before they sell an USB drive, data on 29% of the drives wasn’t deleted at all. About 36% of the drives was deleted with the [ delete ] key, 20% was erased with a Windows quick format and 10% was fully formatted.
The researchers were able to recover data that was deleted or quick formatted which gave them access to data on 85% of the 119 USB drives.
Of the data they could recover 26% was personally identifiable information such as full names, creditcards, photos of IDs, tax forms and social security numbers. About 8% of the data was corporate commercial information and 5% was confidential corporate information which included information on employees, invoices and legal documents.
The last 3% contained illicit information such pornographic material or other illegal information. The obvious advice that follows from this information is that a) buy second hand USB drives and have fun b) if you’re the seller, be sure to full format the drive.