September 11th, 2011

Dedicated hosting risks

In 2009, I started leasing a dedicated server from a hosting company. It came with two 160GB drives, but I didn't need that much capacity. I never got close to using even 20% of the first drive, so I never mounted and used the second drive.

Last week I decided to migrate to another hosting company, and as part of the process I thought I'd make backups of the first drive and stage them on the second drive. So I mounted the second drive to prepare a place to put the files.

To my surprise and dismay, the drive was almost completely full of data from another company. There were MySQL database tables, database dumps, and other files. I don't know how I got a disk full of data from another company, though I can imagine several possibilities.

I contacted the hosting company immediately. How did this happen? Is it possible that my data will be exposed to someone else? I had a previous server two years ago with the same company - was that data already exposed?

They assured me that they use all-new drives and that when a customer account is closed, the drives are formatted and overwritten with zeroes, and they couldn't tell me how that failed to happen in this case. When I pushed for an explanation, so far all I've gotten is approximately "This has never happened to anyone else" and "It happened two years ago so we might not be able to figure it out."

I also contacted the company whose data I got, but I haven't heard a response yet.

I never really thought about what happens to my data after I leave a dedicated server leasing company. I just imagined it would be wiped out somehow.

At least in one case, for one person, that didn't happen.