Several of Australia's major companies and government departments have reportedly sold unwiped IT equipment containing sensitive personal and medical information, as well as credit card information, News.com.au tells us in a report.
This poses a threat to the privacy and security of Australians since cybercriminals might possibly exploit this information to launch attacks. Even the highest-level government agencies, according to some reports, are disposing of away entirely unwiped devices - containing keys to state infrastructure.
According to research undertaken by the consulting firm PwC, improper disposal of e-waste poses a considerable danger of data breaches. Just around 10% of the 650 kilotonnes of e-waste produced annually in Australia and New Zealand gets properly collected, as opposed to being discarded.
This implies that sensitive information can fall into the wrong hands, exposing individuals and businesses to cyber assaults.
Unscrubbed Devices Exposed Critical Information
The problem is not limited to government agencies, as entire Excel spreadsheets that contain the names, addresses, mobile phone numbers, and credit card details of customers of major retailers have been found on second-hand devices by cyber sanitation company WV Technologies
Second-hand devices have also been uncovered containing the alarm codes for dozens of establishments that the same company operates.
It is crucial that e-waste is disposed of in an appropriate manner, as evidenced by the fact that one in every 250 hard drives that find their way into WV Technology's custody is not properly wiped.
Read Also: French Government Bans Recreational Apps from Government Devices, Including TikTok, Twitter, & More
Also, used hard drives are being imported from Australia by foreign nations such as China, significantly increasing the likelihood that sensitive data will be compromised.
The Problem with E-waste Disposal
Due to company costs, experts say the safe disposal of IT equipment is seldom given enough attention.
News.com.eu tells us that in response to high-profile cyber breaches, the federal government is currently updating the nation's cybersecurity legislation, including the Privacy Act.
This provides a chance for the government to include more explicit and obvious e-waste duties on businesses as part of cyber regulation.
Kurt Gruber, the founder director of WV Technologies, advises businesses to avoid performing data deletion in-house and instead seek out NAID AAA-certified data destruction vendors.
This accreditation shows that the company adheres to the highest requirements for secure data deletion, lowering the danger of sensitive information falling into the hands of the wrong people.
Negligence-related Data Breaches
According to a 2018 report by IBM and the Ponemon Institute, negligence-related data breaches are the primary cause of cyber-attacks in the United States, accounting for nearly one-quarter of all data breaches.
These data breaches include leaving usernames and passwords visible to others, leaving computers open, and forgetting to delete data from old devices. Such breaches can cost the targeted company an average of $128 per compromised record.
Companies must train personnel to manage sensitive information and disclose any breaches to prevent such breaches. Companies must also exercise caution when engaging with third-party providers, notably e-waste recyclers.
Stay posted here at Tech Times.
Related Article: Chess Legend Kasparov Says Google AI and Microsoft ChatGPT Aren't Top Security Risks: Saying He Fears Bad Actors More
