Nearly four out of 10 second-hand disc drives contain information that could embarrass former owners and leave them open to civil and criminal prosecution, according to research by BT.
Researchers bought 300 discs in the UK, Australia, North America and Germany from computer auctions, computer fairs and online.
Analysis revealed just more than 37% contained data such as salary details, company financial data, bank and credit account details, hospital records, pornography, visa applications and online purchasing details.
Similar analysis in 2005 put the figure at 52% and 2006 put the figure at 34%. both organisations and individuals were exposed to a range of potential crimes. These organisations had also failed to meet their statutory, regulatory and legal obligations.
Andy Jones, head of security technology research at BT, who led the research, said it was hard to understand why companies were not destroying data properly, given awareness of the problem and suitable tools.