[Novalug] VA Health records held ransom
william at trilug.org
Wed May 6 12:35:30 EDT 2009
There isn't enough data to say what was/wasn't deleted, although evidence
appears to be that they had some offline backups.
However, to address your other question, people do that for a variety of
1. ignorance - they're not as technically savvy as most of us on this list
and don't consider the implications of their actions (see also
2. laziness - they have a server running, so why bother setting up an
independent bacup system?
3. being cheap - they figure the additional cost just isn't worth it.
As an example of #3, I once worked for a large manufacturing company (may
even be Fortune-500). Each plant had an AIX server with external (IBM)
disk storage arrays for the databases to handle production workflow and
monitoring. Each plant was responsible for purchasing additional disk
arrays as they ran out of space. Each system ran a Progress database.
The Progress databases had the database files, a pre-transaction snapshot
set of database files (BI) and post-transaction snapshot set of database
files (AI). Certain of the plants, being too cheap to expand their
storage, required us to create new database extents onto the seperate BI
and AI disks. You can imagine the possibilities for failure with such a
On Wed, 6 May 2009, Mackenzie Morgan wrote:
> OK, let me rephrase:
> Don't they have a backup on a different computer / hard drive / tape than the
> Honestly, who makes a backup onto the same computer as the original? That's
> not a backup! That's just wasting space on your hard drive with absolutely no
> redundancy. OK yeah, they could have two hard drives on one machine, but if
> that's the case 1) if it's Windows, it likely won't boot on any other machine
> so they're not protected against a motherboard death 2) why was it mounted? 3)
> If there was a fire, both would be equally destroyed.
> On Miércoles 06 Mayo 2009 11:10:42 AM William Sutton wrote:
>> Because, if I read the SecurityFix article correctly, he said he made his
>> own encrypted backup and deleted theirs.
>> William Sutton
>> On Wed, 6 May 2009, Mackenzie Morgan wrote:
>>> On Miércoles 06 Mayo 2009 7:45:26 AM Varol Okan wrote:
>>>> Come on guys, this is not funny. Who did this ? Just go and apologize
>>> The bit that confuses me is:
>>> Why should they pay him to decrypt their data? Don't they have a backup?
>>> Mackenzie Morgan
>>> apt-get moo
> Mackenzie Morgan
> apt-get moo
More information about the Novalug