Unclean Military Hard Drives Sold On eBay

An anonymous reader writes "The Daily Mail reports, 'Highly sensitive details of a US military missile air defense system were found on a second-hand hard drive bought on eBay. The test launch procedures were found on a hard disk for the THAAD (Terminal High Altitude Area Defense) ground to air missile defense system, used to shoot down Scud missiles in Iraq. The disk also contained security policies, blueprints of facilities, and personal information on employees (including social security numbers) belonging to technology company Lockheed Martin — who designed and built the system.' Scary that they did not wipe it to Department of Defense standards, which I believe is wiping the whole disk and then writing 1010 all over it."

please...

[VMaN]

Before people start discussing if drives should be overwritten 32 or 2^32 times, please show me ONE proven example of a regularly zeroed drive being recovered.

This challenge has stood for more than a year.
http://16systems.com/zero.php

Probably illegally sold

[roger_that]

The drives were probably illegally sold. DoD requires the destruction of classified drives, and contractors are supposed to follow the same rules. If the drive(s) in question held classified data (which they apparently did), they should have been wiped, then physically destroyed. Sounds like someone bypassed the last step, and tried to make a little profit on the side, by selling the "destroyed" drive.

Disclaimer: I work for a contractor on a US Government contract, working with classified data. (at the five-sided building)

Re:Why not just destroy these disks?

[camperdave]

Why does the DoD not simply destroy the disks in question?

Sometimes it's easier to detect a security problem by letting some information leak.