Bought an SSD from CEX.... it wasn't blank! What should I do?

I'd go with 1 & 2 personally. It's then up to the person whose details you have whether they want to do anything about it. It's them that are the 'victim' here - though who in their right mind sells a hard drive without fully wiping it, I don't know...

Who sells a SSD without wiping it, I thought that was just common sense? Maybe someone got hold of a laptop, disassembled it and flogged the parts? I'd email the person tbh

yeah, went with 1 & 2.

Emailed the owner of the personal information to confirm the drive wasn't extracted from a stolen laptop, and CC'ed CEX's customer services.

I'll update this thread if anything interesting comes of it.
It'll be bloody inconvenient to me if the drive turns out to be a component taken from a stolen laptop...

You'd think with CEX's recent security breach, that they'd be making sure of the integrity of their stock.

:edit:

On a side note, CEX sent the NVMe SSD wrapped in bubble wrap, inside a jiffy bag.
No anti-static protection, and no rigidity to protect against flexing.
It's a minor miracle it arrived intact; another example of CEX's gross incompetence.

xoisthemotive1 h, 22 m ago

Who sells a SSD without wiping it, I thought that was just common sense? …Who sells a SSD without wiping it, I thought that was just common sense? Maybe someone got hold of a laptop, disassembled it and flogged the parts? I'd email the person tbhRead lessRead more

Yeah in my opinion if someone sells their storage drive to CEX or anywhere else without properly wiping it, it's their own problem! If someone emailed me and said they bought something with my info on it, I'd be too embarrassed to consider blaming CEX.

I would blame the owner they probably claimed it was wiped and cex only had the test best for Msata so believed them

Option 5... move on. Format the hard disk, use it for the purpose you purchased it for and get on with life.

Not CEX's fault the previous owner failed to delete there data.

*Email previous owner and tell them you've found some porn on the hard drive, Tell them you want £x amount or you'll upload it to facebook ;).










*Don't do that really, It's probably illegal.

I'd go 1, 2, 3, and also 6, which would be to message the ICO about the incident.

The idea that it's the original owner's fault and ner-ner to them is moot, considering how much stolen gear these shops tend to sell.

I would personally format it and not do anything else. How do you know if it's not from a stolen device.

RiverDragon89 m ago

I would personally format it and not do anything else. How do you know if …I would personally format it and not do anything else. How do you know if it's not from a stolen device.Read lessRead more

I think OP is a little worried that it might have sentimental pictures of a child that had died or such like.

kester7645 m ago

I think OP is a little worried that it might have sentimental pictures of …I think OP is a little worried that it might have sentimental pictures of a child that had died or such like.Read lessRead more

Stop over thinking things. If he does anything else it will only complicate things. I personally wouldn't even have come on here and asked.

dxx1 h, 22 m ago

I'd go 1, 2, 3, and also 6, which would be to message the ICO about the …I'd go 1, 2, 3, and also 6, which would be to message the ICO about the incident.The idea that it's the original owner's fault and ner-ner to them is moot, considering how much stolen gear these shops tend to sell.Read lessRead more

ICO?
ico.org.uk/ ?

RiverDragon822 m ago

Stop over thinking things. If he does anything else it will only …Stop over thinking things. If he does anything else it will only complicate things. I personally wouldn't even have come on here and asked.Read lessRead more

If CEX is routinely being used to fence stolen goods, then they need to be called out on it.
Operating a "Don't ask, don't tell" policy isn't just unethical, it's illegal.

kester761 h, 7 m ago

I think OP is a little worried that it might have sentimental pictures of …I think OP is a little worried that it might have sentimental pictures of a child that had died or such like.Read lessRead more

Not at all, I simply want to know that the goods I've been sold by a supposed reputable company aren't stolen.
If they are stolen, then CEX are, either through negligence or intent, facilitating & profiting from crime.

Anyhow, ethics aside, I'm genuinely curious to see how this resolves!

Personally I'd do a quick check there wasn't anything someone might miss (photos, school/college/uni work, etc).
If there is anything there contact the owner otherwise just wipe it.

If it's stolen the owner has probably already claimed on their insurance and it's a right mess for you if it is. The police will take the drive then you have to chase cex for a refund which will likely take ages. So you could be months without a drive and your money.

At most, the drives are usually only formatted, I usually run them through a recovery just for practice with the recovery software

The plot thickens!
I got a reply from the previous owner of the drive.

It turns out he'd returned the laptop to Dell.
How the drive got from Dell into CEX's inventory is a mystery.

Did Dell (partially) dismantle the laptop, and sell it for parts in some form of auction that CEX use as an inventory source?

Or did Dell sell on the laptop (via Dell Outlet) to a 3rd party, who then broke it up and sold the drive to CEX?

Or is there some slimy fraudster at Dell taking parts out of returned laptops on the sly, and selling them for a little extra cash on the side?

Who knows.

What is mind boggling is that a drive holding potentially sensitive personal information has passed through both Dell and CEX without being blanked!

It's the sort of investigative piece you'd expect to see on BBC Watchdog!

CEX staff don't know what they're doing. They are in no way technologically trained. Delete the contents of the drive and carry on. Even if they had wiped it the data could still be recovered