Used enterprise-level network equipment being sold on the secondary market could pose a security risk, reveal researchers at cybersecurity company ESET. The team purchased 18 used core routers, finding that half of those that worked properly had not been wiped properly during the decommissioning process. The configuration data retained by the routers included sensitive network and customer information that could leave corporate environments vulnerable to attack. The researchers warn that failure to securely wipe network devices before disposal could enable hackers to breach the corporate environment or access customer information. They also recommend following device makers’ guidance on securely wiping and returning items to factory state, and caution against the use of third-party services for the destruction and disposal of digital equipment.
