Corporate Secrets Exposed Through Secondhand Routers
Researchers from ESET have found that less than half of secondhand enterprise routers in their sample were wiped of internal data, posing a risk for both the companies that sold these routers and their customers. Out of the 18 corporate routers that the researcher team purchased secondhand, only five had been wiped. Nine of the routers had been left as is, two were encrypted, one was dead, and one was a copy of another device. The nine devices that hadn’t been wiped had enough information stored on them to identify the previous owners, and also login information for the organizations’ VPN, credentials for a communication service, and hashed root administrator passwords.