Subscribe For Free
FOLLOW US

Stolen devices now bigger threat than ransomware, says Blancco in 2025 Data Sanitisation Report

Staff Reporter
June 6, 2025

Enterprises are more likely to lose data through stolen drives and devices than through ransomware or compromised credentials, according to research from data erasure and mobile lifecycle solutions company Blancco Technology Group.

Blancco’s 2025 State of Data Sanitisation Report, based on responses from 2,000 cybersecurity, IT, and sustainability leaders across North America, Europe, and Asia-Pacific, reveals a shifting threat landscape as businesses contend with regulatory complexity, artificial intelligence (AI) proliferation, and rising sustainability expectations.

Blancco , found that 86 per cent of surveyed organizations had experienced a data breach in the past three years, and 73 per cent had suffered a data leak. Phishing-related incidents remain the most common cause of breaches, but theft of devices or drives containing sensitive data (41%) now outpaces both stolen credentials  and ransomware (32%).

AI double-edge sword

Despite growing security risks, AI is a double-edged sword in data management. While 25 per cent of respondents say AI has increased the volume of redundant data they hold—and 22 per cent report AI is complicating compliance—more than half are leveraging AI to clarify data retention policies and support sanitization efforts.

Blancco: AI is a double-edged sword in data management

Compliance demands are also driving a surge in investment. Amid an evolving patchwork of national, regional, and sector-specific data protection regulations, over half of organizations are increasing budgets for compliance, with average investment rising by 46%. Nearly all surveyed companies either have data disposition policies in place (55%) or are in the process of implementing them (42%).

However, this emphasis on compliance is contributing to unintended environmental consequences. Respondents report that up to 47 per cent of devices destroyed for data security reasons were still functional.

Meanwhile, 25 per cent of refurbished laptops and desktops, and 19 percent of repurposed data center assets, were recycled without certified data erasure—posing further risk of data exposure. In 17 per cent of breach or leak incidents, data compromise stemmed from redeployed assets containing residual sensitive information.

Sustainability remains a priority. A significant majority  say environmental considerations impact how data is disposed of, and 77 per cent report collaboration between IT and sustainability teams to align secure data erasure practices with broader ESG goals.

Share this article