Rackspace/Slicehost & VPS.NET were identified for the same issue April 2012 [1]. Cloud providers <i>MUST</i> securely erase customer media upon release, so that this attack cannot happen.<p>[1] <a href="https://news.ycombinator.com/item?id=3890905" rel="nofollow">https://news.ycombinator.com/item?id=3890905</a>
I hope that part of their follow-up to this includes information about not being able to fully trust that non-encrypted data on SSD drives can be 100% wiped. Users of hosting services should not be storing extremely sensitive unencrypted information on any shared hardware.