News >> Browse Articles >> Security
Hard Drive Sold on eBay 'Had Details of Top Secret Missile Defense System'
A missile launch in California: Details of the ground-to-air defence system were found on a computer hard drive
By Daily Mail Reporter
May 07, 2009
Highly sensitive details of a US military missile air defence system were found on a second-hand hard drive bought on eBay.
The test launch procedures were found on a hard disk for the THAAD (Terminal High Altitude Area Defense) ground to air missile defense system, used to shoot down Scud missiles in Iraq.
The disk also contained security policies, blueprints of facilities and personal information on employees including social security numbers, belonging to technology company Lockheed Martin – who designed and built the system. missile
A missile launch in California: Details of the ground-to-air defense system were found on a computer hard drive
British researchers found the data while studying more than 300 hard disks bought at computer auctions, computer fairs and eBay.
The experts also uncovered other sensitive information including bank account details, medical records, confidential business plans, financial company data, personal id numbers, and job descriptions.
The drives were bought from the UK, America, Germany, France and Australia by BT’s Security Research Center in collaboration with the University of Glamorgan in Wales, Edith Cowan University in Australia and Longwood University in the US.
A spokesman for BT said they found 34 per cent of the hard disks scrutinized contained ‘information of either personal data that could be identified to an individual or commercial data identifying a company or organization.’
And researchers said a ‘surprisingly large range and quantity of information that could have a potentially commercially damaging impact or pose a threat to the identity and privacy of the individuals involved was recovered as a result of the survey.’
Two disks appear to have been formerly used by Lanarkshire NHS Trust to hold information from the Monklands and Hairmyres hospitals including patient medical records, images of x-rays, medical staff shifts and sensitive and confidential staff letters.
In Australia, one disk came from a nursing home and contained pictures of patients and their wounds.
Confidential material including network data and security logs from the German Embassy in Paris were also discovered on a disk from France.
And the trading performances and budgets of a UK-based fashion company, corporate data from a major motor manufacturing company were discovered along with details of a proposed 50 billion currency exchange through Spain involving a US-based consultant.
pcm2234
4 months ago
2 comments
I'v heard that MI-5 grinds their old drives into a fine powder and stores the remains in a cold vault. Though it sounds like the info was still plain to see, it's likely the researchers were using some high-tech to scan the drives they bought. So 2 or 3 wipes probably wouldn't have hidden the data. DoD requires 7 passes and there is now a 35 pass (Gutmann) available to the public. Personally I like the design for an incendiary drive, with built in explosives (or acid) to destroy the drive in an instant.
mattoni87
6 months ago
20 comments
Someone is fried. I agree they should distroy disks like that. people are stupid.
NMc
6 months ago
2144 comments
surprising. not.
deanmyrick
6 months ago
38 comments
I would never let go of a HD under any circumstances! Smash it and put it in a secure location.
deanmyrick
6 months ago
38 comments
I am all about a 35 pass gutman secure erasure of all files that have even the slightest amount of personal data on them, that includes temporary internet files. I highly recommend ishred express. It's open source and its free.
mrpumpkinguy
6 months ago
36 comments
So there you go... a new business model: buy used drives from eBay and sell the recycled information. Reformat the picked-over drives and resell them (just not on eBay). Sounds like a winner, and it's backed by actual research -- that should be good for some seed funding.
ddw_data_support
6 months ago
4 comments
...the trust now destroy equipment containing data on the premises.
Yeah, a sledgehammer works great! Over-writing the drive with 0's and 1's more than once will do the same trick. There are plenty of low cost programs that do this, so no excuses for the contractor. They should have known better and the client should have done a follow-up to ensure the data was destoyed. It's all a part of data integrity...
NYL
6 months ago
2 comments
I definitely agree with RichardvL. The company that had the contract to destroy the data has big problems looming in the horizon.
What if people with really bad intentions has gotten off with the hard disks?
allana
6 months ago
2 comments
WoW. Too Bad something like that couldn't have happened with the Kennedy assassination files.
mona1313
6 months ago
14 comments
Wow!!! How sad this needs to be talked about, and picked at big time. I would like to see this story on CNN. The White House needs to insure by legislation these companies have to securely destroy their own hard disks. This really is an outrage!!!, The only good news thank god researchers in Britain came across the hard disks instead of really bad bad people.....
RichardvL
6 months ago
10 comments
My guess is that the files were deleted in the with the normal operating system commands. I read between the lines that it was a research project. The research could have included using any method available to retrieve data from hard drives, including the use of data recovery software. Microsoft OSs do not physically erase a file from a hard drive when it is deleted, it replaces the first letter of the filename with a "?" in the directory table, making it extremely easy to recover deleted files.
The only way to erase data from a hard drive completely (without breaking it) is to use special software which overwrite all the data areas with non-intelligent character sequences. There are several programs available. Just Google "Erase hard drive securely".
jetrue
6 months ago
2 comments
Destroying, literally breaking up a hard drive is the only way to insure no retrieval of info is made, so if anyone sells their hard drive they are also giving you their info.
Account Removed
6 months ago
Hmmm!! Well, that's really sad, but maybe somebody didn't do the job well. (that's my guess...)
. Maybe I'm wrong
bukas0069
6 months ago
12 comments
That is sad, they should have delete and erase them all
Terminator
6 months ago
128 comments
I usually use a Hard drive until it dies, and when it dies i usually destroy it. People should do that more often.