Man Looking Inside Photocopier

Warehouses worldwide hold thousands of used copy machines ready to be sold to unknown buyers. Nearly every copy machine that has been built since 2002 contains a hard drive similar to the one on your computer.

Your copy machine stores images of every document that you scan, email, and copy. Personal information, such as your Social Insurance Number, birth certificate, bank records and income tax forms can be found on your copy machine. This is the kind of information that identity thieves thrive on.

Retrieving images and information from copy machines is easy with a bit of computer knowledge. Too easy. Once you purchase a used machine for about $300 and turn it on, you can find out where it’s from, how many copies and prints are stored on it, and what it was used for.

It takes about 30 minutes to remove a hard drive from a copy machine. You can access thousands of documents in less than 12 hours. All you have to do is download free forensic software programs on the Internet and run a scan.

The industry fails to inform people of the potential risks of copy machines. According to a 2008 Sharp survey, 60% of Americans are unaware about the security risks of copy machines.

Some major manufacturers offer security or encryption packages on their products. There is a Sharp copy machine that automatically erases images from the hard drive, it costs $500 to install this device but most businesses are reluctant to pay for it.

Remember that your copy machine is actually a computer. If your copy machine is ready to be sold, clean up your hard drive and destroy it. This will keep your personal information safe from identity thieves. There are many low cost and free programs available to securely delete files and folders (don’t trust the Recycle Bin) and also completely wipe a hard drive when you are done with it. E.g. WipeDrive, DBAN, Eraser, SDelete, Freeraser.

Do you always wipe your data?

  1. Well, this is certainly one more reason I can give my family when I tell them I need to dissemble the copy machine. I suppose though I have heard for this situation before but it applied more towards fax machine, about how they need to store the image before sending it off. I just hope I remember this next time before I actually threw it out.

  2. I never knew, until this one, that copy machines have hard drives, too. This can be alarming if someone steals the hard drive and makes use of the confidential infos that are in there. Maybe, copy machines should not possess hard drives anymore. Just a very wild suggestion of mine.

  3. Wow, that’s not good. I knew that a copy machine stores it all but i thought it would just be for some time as I considered the hard drive as not big enough to save everything for a longer time. Something to think about and I hope a lot people will do and take action.

  4. The knowledge to remove data from a copy machine would be very helpful in minimizing security risks. What I’m more worried about is the numerous copy machines in public business centers that are used by many people. This article makes me wonder if all-in-one printers also store data from copied documents and would pose the same security problems as copy machines.

  5. I was not aware of this issue with copy machines and stored data. That’s very alarming that it is so easy for someone to access the data from a hard drive.

    At the same time it makes me wary about using publicly available copy machines in libraries, etc. I had always enjoyed the convenience of this, but obviously there are potential risks since we never know what the inevitable fate of the copy machine will be once it is no longer used by a particular establishment. All the more reason to only use my own copy machine at home for any document that is even remotely confidential.

  6. I agree that copy machines are serious security risks. We have one of our interns or young employees stand next to the copier the entire time that the repair technician is here (which is often). We don’t want any information being leaked so we watch everyone that enters our office very closely. Excellent article.

    • That’s a very good idea. Sometimes the simplest of tactics can deter or prevent loss of data. In all of the offices I’ve worked at over the years, we never did anything like that, and should have. While we’re focused on the online threats understandably, equipment in offices is also at risk.

      It’s unfortunate the the data encryption options are so costly. Perhaps at some point that will change. I can understand the reluctance to invest, but still it’s worth it when one considers the alternative.

  7. I have only known about this from a TV Show last year. The show discuss about acrime scene of sort and one way of retrieving information was to go into the company copier and check the contents of the copiers hard drive, which was amazing at the time when I was watching the show. But after a while, it sunk to me how damaging this could be for organizations that handle confidential documents.

    The copiers now a days should also be handled by the IT to wile and delete data before handing off to the asset department for disposal or selling.

  8. Copy machines have been around for so long that I never even thought of them as a security risk. Thank you for bringing it to my attention! I didn’t consider third parties being able to receive sensitive documents. I’ll have to speak to my IT manager about it.

  9. Huh, I never knew that copy machines had a hard drive in it. I knew that printers had a temporary cache to store files that are sent to it, but copiers shouldn’t have a hard drive in them. There’s no reason to have a hard drive to store scans and copies unless the copier somehow had a photo recognition program that was accurate enough to recognize documents that were already copied. I could see the hard drive being used to store the firmware, but then again, firmware shouldn’t take too much space. If printer/copier stores like Staples or FedEx Kinkos don’t erase this info daily, thousands and thousands of documents could be lifted off if a person stole the copier or even just broke it open for the hard drive.

Leave a Reply