Slashdot Mirror

← Back to Stories (view on slashdot.org)

Reporters Find US Gov't Data In Ghana Market

Posted by samzenpus on from the full-recycle-bin dept.

narramissic writes "'Hundreds and hundreds of documents about government contracts,' were found on a hard drive purchased at a market in Ghana for the bargain basement price of $40, said Peter Klein, an associate professor with the University of British Columbia, who led an investigation into the global electronic waste business for the PBS show Frontline. The hard drive had belonged to US government contractor Northrop Grumman and in a made-for-TV ironic twist, 'some of the documents talked about how to recruit airport screeners and several of them even covered data security practices,' Klein said. 'Here were these contracts being awarded based on their ability to keep the data safe.'"

4 of 154 comments (clear)

  1. Re:Contracts by Cheerio+Boy · · Score: 4, Informative

    They should lose their contracts for failing to wipe the data off the hard drives.

    They likely will as this is almost certainly a violation of ITAR regulations. Northrup Grumman does very little that is non-military.

    --

    "Bah!" - Dogbert
  2. Re:When I dispose of an obsolete drive by rotide · · Score: 5, Informative
    Sounds time intensive. While a little pricey, get a hard drive destroyer. Pop it in, hit go and it folds 90 degrees!

    http://www.garner-products.com/PD-8400.htm

  3. Re:Still? by Ritz_Just_Ritz · · Score: 4, Informative

    Did you even read the article? It doesn't appear that the employee was at fault. The computer was "disposed of" by some outside company. Allegedly, they are responsible for sanitizing the hardware prior to binning it or parting it out.

    I would expect, however, that this "outside firm" is wondering if they still have their contract with Northrop Grumman. I suspect not.

  4. Re:Contracts by Cheerio+Boy · · Score: 4, Informative

    They should lose their contracts for failing to wipe the data off the hard drives.

    They likely will as this is almost certainly a violation of ITAR regulations. Northrup Grumman does very little that is non-military.

    They most certainly will not lose their contracts over this. They'll find a way to blame the lost data on some tiny sub-subcontractor that the subcontractor responsible for disposing of used equipment hired to wipe the drives, and they'll get fired. Or maybe they'll fire the person who kept the data on their hard drive instead of the network drive, and trot out the click-through policy that says "we told you we could fire you for violating this policy."

    There's always a weasel-way for companies to get out of these situations by blaming someone for the failure.

    ITAR is pretty strict but you're probably right in that they'll blame the recycling firm or some such nonsense. From my experience they can at least expect a fresh ITAR audit courtesy of the federal gooberment because there is now "reason to question" their security.

    Personally I don't let a hard drive out of the building unless it's been at least wiped (non-secure data) if not destroyed (secure data). Usually I destroy them just to make sure.

    --

    "Bah!" - Dogbert