Warning after 75,000 ‘deleted’ files found on used USB drives

BBC reports:

Cybersecurity researchers discovered about 75,000 files after buying 100 of the drives on an internet auction site.

Some USB drives contained files named “passwords” and images with embedded location data.

All but two of the drives appeared empty, but the team said it had been “worryingly easy” to retrieve data.

Read more on BBC.

This is nothing new, of course. But then we have to ask WHY it is still a threat. Is it time to say that USB drives cannot be sold or re-used and have to be treated as toxic waste, buried 3 miles underground, taken out in the ocean and dumped after being embedded in concrete, or otherwise destroyed?

Landmark civil penalty of AU$5.8 million issued under Australia’s Privacy Act
How many courts have had sealed and sensitive files exposed by one vendor's error?
Legal Aid Agency chief admits difficulties understanding impact of cyberattack
The 4TB time bomb: when EY's cloud went public (and what it taught us)
Some lower-tier ransomware gangs have formed a new RaaS alliance -- or have they? (1)
Uncovering Qilin attack methods exposed through multiple cases

Related: