A second-hand hard drive bought on eBay has revealed
confidential information about a US missile defence system.
A joint exercise carried out by BT's Security Research Centre,
the University of Glamorgan in Wales, Edith Cowan University in
Australia and Longwood University in the US revealed the leak among
other data breaches.
The researchers looked at hundreds of second-hand disks bought
from the UK, America, Germany, France and Australia. They found
information including bank account details, medical records and
financial data for businessess.
One hard disk bought on eBay
revealed details of test launch procedures for the THAAD
(Terminal High Altitude Area Defence) ground-to-air missile defence
system, used to shoot down Scud missiles in Iraq.
"This is obviously a serious lapse of security procedures for
the agency concerned, but the worrying aspect about the incident is
that it may not be a one-off. US government agencies -and, indeed,
all government agencies worldwide -should have a policy of
crushing hard drives once they have been removed from office
PCs," said Michael Callahan, senior vice-president at security firm
Credant.
In August last year the personal
bank details of more than one million people were been found on
a computer sold on eBay.The data included bank account information,
mobile phone numbers, dates of birth, e-mail addresses and
signatures of customers of the Royal Bank of Scotland (RBS) and
NatWest bank, as well as American Express.
Andrew Chapman, an IT manager at the University of Oxford, found
the details after buying a second-hand computer to use as a home
entertainment system.