Can confidential data be retrieved from a disposed hard disk/SD card?

[ShahabKhan]

Before you answer this. Here is what I am concerned about.
Since I had my data deleted accidently. I used some tools to recover it. It had me thinking if the hard-disks with my private data that I deleted and sold/gave away can still be sacked and exploited by somebody.
The pointers to the data are deleted by the Operating system but the data remains there, it's scaring. Anyway, the good part is that if you keep using the storage device for reading/writing then eventually the data will be lost forever as the same memory location will be reused/overwritten eventually. Let's say I have some confidential data in a hard disk I delete it(right click and delete, so the data is there but only the pointer is deleted) and then use the hard disk for say two months and then give away. Is it safe to assume that the data is permanently deleted as it will be overwritten in that period eventually by other things that I wrote on the Harddisk? I am looking for the same answer for other storage devices like SSDcards and USB flash drives.
A while ago my girlfriend had this 10gb SD or mircoSD card for in her handy cam, in which she had some private pictures of her. She said she deleted those pictures and formatted the card, and the card has been used for writing data/pictures after that deleting too, atleast for a month. Now she has sold the card along with her hard disk(months back the hard disk had private and confidential data too) and now I can't help but worrying if somebody runs a data recovery tool on them and gets his hands on her private pictures

 

[Mattios]

It's possible, but unlikely. I don't think many people run those kinds of tools randomly, and if they do the formatting will hopefully have erased most of the data.

In the future, use something like this http://eraser.heidi.ie/ to permanently wipe your data.

 

[ccampy]

Possible but unlikely there's lots of software you can use that will zero over the drive basically removing any chance of getting the data back if you ever concerned

 

[fzabkar]

Flash storage is a little different in that the same physical block is not written twice in succession. That's due to wear levelling. Moreover, the capacity is always over-provisioned, so if you write zeros once to the entire drive, then the over-provisioned area will still have your original data. Of course if you overwrite the entire capacity several times, then write levelling should ensure that the entire contents are erased.

 

[Paperdoc]

Just relying on subsequent use to overwrite old data is NOT good enough. It is unlikely that ALL of your old data will be wiped that way.

For HDD's you have three reliable choices:
1. Do a Full Format using a very current Win 7 or 8. I understand that, unlike earlier versions of Windows, the new ones actually write zeroes to every Sector when a Full Format is done.
2. Use a disk utility to do a Zero Fill operation on the HDD. These tools DO write zeros to EVERY Sector, thus wiping out old data. The operation also triggers a self-diagnosis and repair process within the HDD, although that is not something you were concerned about. Technically, a sophisticated data recovery lab might be able to recover some old data after such an overwrite with a lot of time and effort, but it's VERY unlikely.
3. For GUARANTEED data destruction that will defeat ANY sophisticated recovery tools, get a utility that uses Military-grade data destruction. This overwrites everything several times, using different data patterns, so that NO traces of the original data remain. This kind of step is really only for spies and people with severe paranoia.

I am not familiar with any similar tools specifically for use with flash drives. However, as fzabkar has said, you could come pretty close by formatting the unit and then filling it with completely junk data, repeating a few times. Most flash drives have small enough capacities that this is practical, unlike a 2 TB HDD.

On the other hand, IF you do NOT need to re-use the unit, there is a totally reliable tool: a large hammer. Smash the unit to pieces so it cannot be used for anything.

 

[hang-the-9]

If you want to be totally sure that not a single file of yours is recovered, do a disk wipe with a utility made for that, even a single over-write pass with random numbers will take care of 99% of people that would try to recover your data.

Unless you are a billionare, a goverment or a celeberty and someone is looking for nude photos, no-one will bother trying anything but the most basic tools to get data from your drive.

If you format a drive, then use it for a while, chances are very good that the files on it are tough to get, you maybe coud get a file name, possibly an icon, maybe a thumbnail but not likely the whole file.