We received a call today from Robert McMillan from Wired regarding an issue related to virtual servers that may contain data from a previous user. We were aware of this case and were securely erasing data prior to our new SSD plans.
As of today, Tuesday, April 2nd at 2:18:54PM EST, we've implemented a fix which has been deployed to all hypervisors resolving this rare case from reoccurring.
Now all new virtual servers come with a blank disk, ensuring there is no way to read previous data. It also ensures that any customer that processed a destroy prior to this fix will not be affected, since the data will be wiped before the new virtual server is created.
Less than 3% of all virtual servers were potentially at risk. With the code fix in place the issue is erased entirely!
If you have questions regarding a particular virtual server that is running, please open a ticket.