When you're a government contractor you had better keep your ducks in line. It goes without saying that if you're storing sensitive data that you dispose of the hard drives properly at the end of their life (EOL).
BT's Security Research Center has found that Lockheed Martin is notoriously bad about not removing the data from hard drives that it disposes of at their EOL. The list of information pulled from hard drives that were originally owned by Lockheed Martin is disturbing, the information includes: "launch procedures were found on a hard disk for the THAAD (Terminal High Altitude Area Defense) ground to air missile defense system, used to shoot down Scud missiles in Iraq." and "other sensitive information including bank account details, medical records, confidential business plans, financial company data, personal id numbers, and job descriptions."
All of the hard drives were purchased on eBay or at computer auctions/fairs. It's a growing trend that computer technicians are unaware of how to properly dispose of a hard drive by either destroying it or removing the sensitive data in a manner that allows for no possible recovery of data. Another alarming thought is why was this data not encrypted?
Lockheed Martin was not the only corporation to be found at fault for this practice but by far had the most sensitive data.
61 Comments - Add comment