Governmental Servers Wiped? Never!

Geoff writes with a story from Australia: "Eighteen AIX servers purchased from government via auction -- none of them had data removed from them. Ticket Vending and Validation source code, Payroll, Finance, Emails and Customer complaints. All there on every server; they were even nice enough to include some old backup tapes. At ~$14USD per server, it's amazing how cheap personal information has become."

You understand that...

[PrivateDonut]

if this guy planned on doing anything with the data, he probably wouldn't have blogged about it. He would copy the data, wipe the disks and pretend that he had seen nothing.

Then at a later date, he could do his evil work using that data.

Therefore, this particular blunder is nothing to get worked up about, but the potential for future blunders is.

Cheaper ways...

[pimpimpim]

There was a case in the Netherlands where a state prosecutor just put his personal pc at the trash when it didn't work anymore due to spyware:

http://www.expatica.com/source/site_article.asp?su bchannel_id=19&story_id=13469&name=The+Dutch+news+ in+October+2004
see october 7th 2004

Some taxi-driver found it, discovered that it had very sensitive information about some current open cases on it, and a lot of personal stuff that could make the prosecutor vulnerable for blackmail etc. when in the wrong hands.

These things just show that some state organisations (or the people working there) have really too little awareness of handling computer data the right way. Actually this year we had a case in the netherlands where some secret state report ended up in an upload filesharing folder of the person working on it, and thereby just could spread all over. I think people working at such positions really should be instructed on safe computing, especially at home or using laptops, the risks are pretty high that data can get stolen.