It’s not *that* hard to clean off a disk drive. I mean really scrub it. Searching for “disk wipe” on Google gives me 103,000 results and “disk clean” gives me 868,000. Unfortunately, someone at the Kentucky Health Services department neglected to clean a disk that contained “confidential files identifying thousands of people with sexually transmitted diseases, including AIDS”, according to the state auditor.
Two things made this not as bad as it could have been:
- Minimally comforting: Kentucky has a policy of offering surplus computers for sale to other government agencies before selling them to the public. So the computer was never in private hands. Is a clerk or a sysadmin at the Department of Motor Vehicles that much more trustworthy than a clerk or a sysadmin at a car dealership?
- Much more comforting: The State Auditor, Ed Hatchett, decided to pop by the surplus-property office and randomly test a few of the computers waiting to be sold. The eight computers he picked contained not only the STD files, but password files, correspondence, and other sensitive info.
Three cheers for State Auditor Ed Hatchett (read his bio!) who not only saved the day for thousands of STD sufferers in Kentucky but also made other surplus computer sellers more aware of the need to properly clean off disks.