LONDON (Reuters) - Laptops containing sensitive financial details and all manner of corporate secrets can be snapped up at auctions for a pittance, a security firm revealed Wednesday.

Stockholm-based Pointsec Mobile Technologies said it bought 100 laptop computers from a host of Internet and public auctions over the past two months.

The exercise intended to demonstrate that the scores of lost or stolen laptops that wind up at auction every day have hard drives with little or no security, giving identity thieves and fraudsters easy access to lucrative data.

What it did not expect to find was a cache of corporate laptops too that were as easy to crack as grandma's PC.

In all, the firm's technicians were able to pull sensitive details from 70 of the 100 machines it bought.

In one case, it obtained a particularly vulnerable hard drive from online auction site eBay that apparently once belonged to one of Europe's largest insurance companies.

On the hard drive were current details of customers' pension plans, payroll records, personnel details, login codes and administration passwords for the company's Intranet site. Home addresses, telephone numbers and dates of birth of customers were also listed in 77 Microsoft Excel files, the company said.

"Even when companies or individuals believe they have wiped the hard drive clean, it is blatantly clear how easy it is to retrieve sensitive information from them," said Pointsec CEO Peter Larsson.

Companies usually go to the trouble of wiping a computer hard drive of any sensitive details before discarding them, but even that is not foolproof, Larsson said.

A bigger problem is laptops lost on the train or the airport, which are often auctioned to the public if the owners don't claim them.

From laptops it acquired at an auction from Britain's Gatwick Airport, Pointsec used generic password recovery software -- many free varieties are on the Internet -- to access information on one in three of them

Yahoo News