They were a provider for other customers with high security requirements (this is Europe, so the GDPR is very much in effect here) and they apparently had contracts with those customers that the drives were not to be re-introduced into the market in any way.