U.S. missile defense information found in disk bought on eBay

Share this article:
A hard disk containing the launch procedures for a U.S. military missile defense system was recently bought on eBay. The purchase was made as part of an ongoing study into discarded hard disks.

Specifically, test launch procedures for the THAAD (Terminal High Altitude Area Defense) ground-to-air missile defense system were contained on the disk, Glenn Dardick, study researcher and associate professor of information systems at Longwood University in Virginia, told SCMagazineUS.com Thursday.

In addition, he said the disk contained security policies, blueprints of facilities and personal information on workers at Lockheed Martin, including Social Security numbers. Lockheed Martin designed and built the THAAD system.

In a statement to SCMagazineUS.com Thursday, a spokesperson for Lockheed Martin said the company is not aware of any compromise of data related to the THAAD program. The company declined additional comment until it can evaluate the hard drive.

Dardick said the drive is now in the possession of the FBI. 

The drive had been reformatted in an apparent attempt to erase the information on it, Dardick said. But reformatting does not effectively wipe clean a computer hard drive, despite what many consumers and small businesses assume, he said.

The U.S. government has stringent policies for disposing of hard drives, requiring contractors and subcontractors to identify information contained on a hard drive, treat information as inventory and categorize it by sensitivity level -- and then properly expunge data before disposal, Dardick said.

“It could have been released by Lockheed, or a contractor of Lockheed -- we don't know," Dardick said. “That's where there will be an ongoing investigation to determine how this information got onto the open market.”

The information was discovered as part of an annual research study that began in 2005 to analyze the information remaining on disks offered for sale on the second-hand market, he said.

As part of the 2008 study, researchers also found a disk from a U.S. bank whose name could not be revealed because of the ongoing investigation, Dardick said. The disk contained the details of a $50 billion U.S.-to-Spanish currency exchange proposal and other U.S. business dealings with organizations in Venezuela, Tunisia and Nigeria.

Moreover, in the 2008 study, one in three hard disks was found to contain sensitive information, according to a news release about the study released by the University of Glamorgan in the UK.



Share this article:

Sign up to our newsletters

More in News

Firefox 31 plugs critical memory safety bugs

In total, Firefox 31 brings 11 patches for several flaws affecting the web browser.

Android/Simplocker adds tricks, including ransom message in English

Android/Simplocker ransomware now encrypts archive files, asks to be installed as a Device Administrator, and delivers an English-language ransom message.

Wall Street Journal website vulnerable to SQL injection, gets hacked

The Wall Street Journal confirmed on Tuesday that an outside party exploited a vulnerability and hacked into its new graphics systems.