Sophos, a computer security company, recently acquired 50 misplaced USB keys from RailCorp, who sold the keys in a lost property auction.

Sophos analysed the keys and found that two thirds of the keys were infected with some form of malware.

Sophos found there were CVs, jobs applications, tax return information, photo albums, work projects, university assignments, minutes of meetings, software and source code.

“Don’t be lulled into thinking that your personal data is unimportant unless you’re a high-flying executive or have pots of money. Information about you is worth money to cyber criminals,” said Mr Ducklin, the head of technology at Sophos.

RailCorp has also come under fire for selling personal USB keys, and it is under investigation from the NSW Deputy Privacy Commissioner, John McAteer.

You can read more over at the Sydney Morning Herald