You should think about smashing your old Xbox 360 with a hammer. Seriously.
It’s happened to a few of us. Your Xbox isn’t getting enough use to justify the space on your entertainment center so you sell it on EBay, or maybe you trade it in to upgrade to a fancy “slim” model. Or you pawn it to pay for hookers and blow. Whatever the cause of getting rid of your Xbox, you will be frightened to learn that all of your personal information is stored on the console’s hard drive – even if you wipe the drive clean. Ashley Podhradsky from Drexel University in Philadelphia experimented with common tools and applications on a refurbished Xbox 360 and easily grabbed the previous owner’s sensitive bits like credit card number, address and real name. She claims Microsoft should do a better job of keeping your credit card numbers secure.
“Microsoft does a great job of protecting their proprietary information,” Podhradsky said. “But they don’t do a great job of protecting the user’s data. Anyone can freely download a lot of this software, essentially pick up a discarded game console, and have someone’s identity.”
She recommends removing your Xbox hard drive and wiping it clean with a specific formatting application like Boot and Nuke to completely erase information from the magnetic disks. In fact, you should use this kind of application whenever you want to discard old hard drives and your worried about someone nicking your CC number.
“I think Microsoft has a longstanding pattern of this,” Podhradsky said. “When you go and reformat your computer, like a Windows system, it tells you that all of your data will be erased. In actuality that’s not accurate – the data is still available.”
While the more enterprising hackers might still be able to piece them together, I still recommend the old sledgehammer method. It’s good to be a gangster.