Audit finds potential for data leaks Resale computers still contained files
By Christi Parsons and Rudolph Bush, Tribune staff reporters. Christi Parsons reported from Springfield, and Rudolph Bush reported from Washington. Tribune reporter Ray Long also contributed to this report.
Warning of the potential for an embarrassing breach of security, state auditors said their recent review of used state computers warehoused for public sale found that nearly one-third had not had their hard drives wiped clean of information as required by Illinois law.
In a little-noticed finding contained in Auditor Gen. William Holland's blistering report on Gov. Rod Blagojevich's Department of Central Management Services, the auditor said that several state agencies had shipped computers to the department for resale that contained potentially sensitive information. Among the computers Holland mentioned were some once used by the secretary of state's office, which tracks driver's licenses and a wide range of other personal data.
Despite a state law requiring that hard drives be scrubbed clean before a state computer can be sold, 15 of 50 computers offered for resale by Central Management Services and tested by auditors during a two-week period last year had not been cleaned.
On five of those units, auditors still couldn't access the hard-drive data, but on 10 others, they could. They accessed instant message programs, "my documents" folders, video games and, in the case of one University of Illinois computer, student homework.