Canada – Military data found in hard drive at the recycling depot

A man has found a 30-gigabyte hard drive at a recycling depot in Halifax containing at least 10 GB Canadian military data.

According to the Canadian CBC, a man named Pete Stevens has found a 30-gigabyte hard drive at a recycling depot in Halifax. The media support contains personal information including the names and numbers of defence personnel, it seems to belong to the military.

Pete Stevens has found the hard drive about one year ago but only recently he launched a recovery software and recovered hundreds of files that appear to be from the years 1999 to 2005.

He recovered about 10 G of data, including 6,000 photos, spreadsheets with the names and numbers of military personnel and their families, and completed applications for security clearance.

The harddrive also included Power Point presentations, blueprints of ships and documents outlining “specified procedures for certain scenarios.”

The man decided to recover the content of the hard drive after hearing about security breaches at the military’s East Coast intelligence centre and Canadian Forces Base Halifax.

“If that was me, I wouldn’t want somebody like me having that information,” said Stevens in an interview with CBC. “I don’t think we want to see any of our people serving in uniform exposed like that.”

Military officials came to recover the precious hard drive and are investigating the incident. Military spokesman Maj. Martell Thompson expressed his astonishment defining the incident as “highly unusual” due to the adoption in military environment of strict policies for cyber security that include detailed instructions for the disposal of media storage.

 “I’ve not heard of something like this happening before,” said Thompson on Saturday. “The Department of National Defence policy dictates that once hard drives are life-cycled out of operation, they are removed from Canadian Armed Forces networks and sorted prior to destruction.”

The situation is concerting considering the security breach suffered by military bases in Halifax, , the Admiral John Newton confirmed there were five “non-nefarious breaches” of a secure military computer network at Canadian Forces Base Halifax’s navy training school.

“Last week Rear Admiral John Newton confirmed there were five breaches of a secure military computer network at Canadian Forces Base Halifax. ” states the CBC.

“I have friends and family members in the Forces so I think I speak for most Canadians when I say we don’t want to see them exposed, especially their information and their addresses and their phone numbers and everything,” he said.

There are evident security issues to discuss  after the disconcerting discovery, first of all, the necessity to encrypt data on the hard drives and the adoption of disposal procedure for every device used in high-sensitive environment.

Now imagine such kind of data in the hands of a nation-state actorts…

Pierluigi Paganini

(Security Affairs – hard drive disposal, military)