Yesterday, All those backups seemed a waste of pay. Now my database has gone away. Oh I believe in yesterday.

Suddenly, There's not half the files there used to be, And there's a milestone hanging over me The system crashed so suddenly.

I pushed something wrong What it was I could not say.

Now all my data's gone and I long for yesterday-ay-ay-ay.

Yesterday, The need for back-ups seemed so far away. I knew my data was all here to stay, Now I believe in yesterday.

--

From usenet

My comment on the situation: Online mirrors are fine, but calling them backup is a stretch of the imagination,since you must assume that an event can compromise all data within a domain (be it The Internet, or a physical location).

A true backup must be physically and logically separate.

" there was no evidence that customer data was copied out or exfiltrated from its systems"

...after a thorough analysis of the now encrypted logs?

I set up an append only storage for a friend recently and his son downloaded some kind of game related cheat thing online and it encrypted his harddrive, his backup usb harddrive, his cloud storage and his NAS.

The little restic backup saved him. It pushed one copy of nonsense, but kept several revisions of the old data.

On a similar note: does anyone have any experience with mdisc? They seem like the perfect solution for long time storage for me at the moment.

Still cloud is better after all. 32GB is enough for all digital device and shooting 8k videos for 1000 centuries. No one should make backups. Storage expansion especially SD card must not be allowed on phone, tablet and laptop. Local storage is not secure and adding sd card to phone will introduce water leak. Meanwhile SIM card slot do not introduce water leak because obviously there is magic. Also SD slot is waste of internal space. You might ask why tablet is big as hell but still no SD card slot. Because those extra space is for storing mana to dispel water while adding the cloud subscription debuff to the users. Magic protect our phones from water, bullet, brick, bad OTA update, damage of USB port, lack of OTG functionality, USB2.0 transfer rate, terrible MTP interface, eavesdroping from wireless, etc.

* Just a rant and parody

Unfortunate turn of events.

I find it really hard to have empathy for serious businesses who don’t have backups and are dependent on a single cloud.

Like for example if you are all in on AWS and do all your backups of your AWS systems to AWS then lose your account. Meh… your fault.

If you run a business then you have an absolute obligation to be able to instantly bring your business back up outside your primary hosting provider.

And if you’ve built all your infrastructure in a way that cannot be replicated outside that hosting provider then frankly that’s negligent.

All those AWS Lambda functions that talk to DynamoDB? Guess what…. none of that can be brought up elsewhere when you lose your AWS account.

If you are a CTO then this is your primary responsibility and priority above everything else. If you are a CTO who has failed to ensure your business can survive losing your cloud then you are a failed CTO.

Time to check the 3-2-1 backups ;)

They weren’t just a cloud hosting company, they were also a domain name registrar and provided DNS hosting.

The registry for the .DK TLD has published a page on what to do for those affected: <https://punktum.dk/en/faq/if-you-are-a-customer-at-cloudnord...>

from the google translated page of the provider

  What happened?

  It is our best estimate that when servers had to be moved from one data center to another and despite the fact that the machines being moved were protected by both firewall and antivirus, some of the machines were infected before the move, with an infection that had not been actively used in the previous data center, and we had no knowledge that there was an infection.

  During the work of moving servers from one data center to the other, servers that were previously on separate networks were unfortunately wired to access our internal network that is used to manage all of our servers.

  Via the internal network, the attackers gained access to central administration systems and the backup systems.

Shoddy journalism strikes again. How do we know that all data was lost and the notice on the homepage was not uploaded by hackers?

"CloudNordic could not be reached for comment." It's a journalist's job to reach either the company or affected customers to verify the facts.

The solution to ransomware? Backups. It's not more complicated than that. It's honestly puzzling that ransomware is the issue it is, crippling entire organizations. It just means they have inept IT teams.

Sucks this Danish cloud host provider didn't back stuff up properly.

While the absence of 3-2-1 seems like a big oversight, i enjoyed the straight-forward communication.

They did not segment their backup servers from the rest of the infrastructure and people who are this incompetent should not run IT infrastructure.

There is no excuse for this.

Our industry is mostly run by clowns and unserious people.

Also Azero.cloud (same company?): <https://azero.cloud/>

There's reason to suggest this is part of a larger attack. Multiple hosting providers were hit with attacks last Friday.

I'm wondering what the future holds for this cloud hosting company. How can a company survive such a dramatic loss?