To fix the flaw and get rid of the remnant data, Slicehost had to ask clients to migrate to different servers – a process that carries its own risk that disks or data will become corrupt during the move.
Little of the data could be found without forensic tools, Slicehost told customers, and none of it had been found to have been recovered and reused by unauthorized clients.
The data did expose the clients who owned it to the risk of loss through no fault of their own, in a way they could not anticipate or even investigate, because they weren't authorized to use forensic tools on those servers to check whether they were clean.
Encrypting data stored with a cloud provider can cause even more problems, because it can often show up as garbage data rather than the good stuff to providers that can't manage or decrypt it themselves.
Remnant data is rarely discussed by cloud users or providers, or even security specialists.
It continues to be a small but consistent problem in any organization that recycles servers or PCs at the end of their normal lifecycles.
The only way to be really sure no one will be able to read data from a disk you're abandoning – according to the roughly half a million security specialists who've told me this during interviews over the past few years – is to encrypt it, delete it, wipe the drive, scrub the drive with drive-scrubbing software, scrub the drive with sandpaper, sand and steel wool and then drill holes in different places on each disk before shredding them or throwing them away in separate recycling bins.
If that seems excessive, or just too much work, I've found the easiest way to make data on a hard drive completely inaccessible and unrecoverable is to put data on the disk that are vitally important to something time sensitive and fail to back the data up to any other devices as your deadlines approach and stress rises.
Just before you hit Save, Print or There, Now it Won't Explode, all the data will mysteriously disappear, never to be found again.
Especially after the explosion.
And keep your head down.
Read more of Kevin Fogarty's CoreIT blog and follow the latest IT news at ITworld. Follow Kevin on Twitter at @KevinFogarty. For the latest IT news, analysis and how-tos, follow ITworld on Twitter and Facebook.