"Researchers Discover Sensitive Corporate Data on Decommissioned Routers"

Fifty-six percent of decommissioned routers sold on the secondary market contained confidential corporate data, according to ESET's analysis of configuration data. Of the networks for which complete configuration information was available, 22 percent contained customer data and 33 percent exposed data that enabled third-party network access. In addition, 44 percent had credentials for connecting as a trusted party to other networks. Eighty-nine percent specified application-specific connection information, while 89 percent of routers contained authentication credentials. One hundred percent contained either IPsec or VPN credentials, or hashed root passwords. Finally, 100 percent had sufficient information to identify the previous owner/operator with confidence. This article continues to discuss ESET's findings from the analysis of configuration data. 

Help Net Security reports "Researchers Discover Sensitive Corporate Data on Decommissioned Routers"