Your IT Consultant
Information Technology Blog
by John W. Simek, Vice President of Sensei Enterprises, Inc.
Improper Router Disposal is a Huge Security Risk
April 19, 2023
Most users know to take special precautions when selling or disposing of their computers and cell phones. Proper disposal is critical to make sure private information isn’t inadvertently transferred to an unauthorized person. Don’t forget about all the other electronic devices in our lives. Upgrading your Fitbit? Clear the device before you get rid of it. Selling your car or turning it in at the end of the lease? Clear all the configuration settings and history from the vehicle electronics. After all, the next buyer could drive to your home by selecting the “home” destination in the navigation system and open your garage door with a simple press of a Homelink button. Similar situations exist for pretty much every piece of technology we use.
Gizmodo posted a story dealing with data left over in secondhand routers. Security researchers from ESET discovered that less than half of their sampled secondhand enterprise routers had internal data removed. Devices had enough residual data to “identify the previous owners, and also login information for the organizations’ VPN, credentials for a communication service, and hashed root administrator passwords.” Wowzer! That residual data is the information equivalent to having your garage door opener.
The sample size was pretty small, but still exhibits the valuable (and potentially destructive) data that users leave behind when disposing of technology. Just like your computers and cell phones, make sure you wipe the device and perform a factory reset prior to disposal.