How many people hand over their business or personal retired data-bearing IT devices, with assurances the data will be deleted, when instead every aspect of their life goes out for anyone to buy and do anything with?

♦ A German TikToker is going viral for detailing the juicy documents and photos he claims to have found on a $15 Apple Time Capsule he allegedly purchased from the thrift retailer, Goodwill.

♦ He claimed “Don” had photos on his hardware going all the way back to the 1980s. He theorized he was either a business owner or CEO.

♦ “There is audit history, credit card numbers, flight information. I have this man’s bank account number,” the TikToker said. “I can see how much money he had in the bank at one point. I even have his life insurance information, and this dude is worth millions of dollars.”

♦ In what appears to be good news for Don, the TikToker claimed he would delete all of his info once he was done looking through it.

♦ “Do not donate your old technology to Goodwill,” the TikToker stressed. 

♦ The TikToker said he will browse thrift stores to find spicy information on similar devices.

♦ Goodwill had 7 locations across the US listed as R2 (Responsible Recycling) certified, but 6 are listed as “Voluntarily Withdrawn”, and 1 is listed as “Facility Moved”.

Seri R2 finder here with Goodwill details

The short article and 1:01 video should be a wakeup call for any individual or organization who does DIY data sanitization or hands their assets over to an IT Asset Disposition vendor without knowing as much about data overwriting and ITAD certifications as an SME in the ITAD industry.

I’ve posted countless stories like this in my 3.5 years working with NextUse, 1 of the 3 best certified data security specialized ITAD vendors in the US, 1 of the 6 best in the world, in an attempt to make people aware of how often data sanitization is not implemented, either DIY by a user/organization, or by unqualified or underqualified vendors.

Thanks so much to Rebecca Green from NextUse for pointing this article out to me.

Not surprisingly, despite growing public awareness of data security and privacy issues, I was only able to find this article on 3 media sources at the time I’m writing this post: the New York Post, The Daily Dot, and Couriermail, showing how shockingly little attention cases like this receive.

Original article here