Business Continuity Management / Disaster Recovery , Cloud Security , Finance & Banking
Google Cloud Deleted Australian Pension Fund's Data
Over 600,000 Australians Lost Access to Their Pension Funds Due to MisconfigurationAustralian superannuation fund UniSuper has restored its digital infrastructure after a major misconfiguration resulted in Google Cloud deleting the company's private cloud subscription.
See Also: 2024 Threat Hunting Report: Insights to Outsmart Modern Adversaries
The $90 billion pension fund provider announced last Wednesday that its website and applications underwent a prolonged outage after Google Cloud, which solely hosts the company's entire cloud infrastructure, inadvertently deleted the company's account, along with all the data that came with it.
Google Cloud CEO Thomas Kurian said the mishap occurred because of "an unprecedented sequence of events" that resulted in a misconfiguration when it was provisioning UniSuper's private cloud services.
"This is an isolated, one-of-a-kind occurrence that has never before occurred with any of Google Cloud's clients globally. This should not have happened," the hyperscaler said. "Google Cloud has identified the events that led to this disruption and taken measures to ensure this does not happen again."
UniSuper offers retirement planning, financial advisory and insurance services to about 647,000 Australians and had about AU$135 billion in funds under management as of March.
The incident occurred less than a year after the superannuation provider decided to shift its VMware-based workloads from an on-premises data center to Google Cloud using the hyperscaler's Google Cloud VMware Engine.
"The ability to easily migrate VMware environments with GCVE, with minimal effort and disruption, will enable greater scale and agility, driving operational efficiencies," the company said.
The company said last week it had created redundancies by duplicating all its data across two geographical locations to cater to disruptions or outages, but the deletion of its private cloud subscription erased all data from both locations.
"UniSuper had backups in place with an additional service provider. These backups have minimized data loss and significantly improved the ability of UniSuper and Google Cloud to complete the restoration," UniSuper said.
The pension fund provider has worked with Google Cloud since the beginning of May to recover its private cloud composed of hundreds of virtual machines, databases and applications, stating that the recovery efforts required "an incredible amount of focus, effort and partnership" between the two companies.
UniSuper CEO Peter Chun said Monday that data recovery was in its final stages and customers could log into their accounts to view their balance, request investment switches, view investment performance and request withdrawals. Some services, such as retirement calculators and recent account changes, were pending restoration.
"We take our responsibility to provide reliable services to our members extremely seriously. My team are conducting a full review of the incident to ensure that wherever possible we minimize the risk of disruption in the future," Chun said. "We have engaged in rigorous testing through the restoration to ensure stable, secure services as members expect."
The company has not disclosed the financial impact of the outage or whether its cloud strategy will change in the wake of the service disruption.
In April, Chinese cloud provider Tencent Cloud suffered a brief outage resulting from a misconfiguration during an API update process, affecting nearly 2,000 business customers and some platform-as-a-service products that relied on the cloud company.
The data recovery-as-a-service industry has traditionally prescribed the 3-2-1 data storage rule, requiring data owners to have at least three copies of their data and store at least one copy off-site. Considering that today's organizations generate vast quantities of data every day and are susceptible to wholesale data loss to outages, accidental data deletion or ransomware attacks, TechBeacon Global Director Kevin Cole suggested a 4-3-2-1 approach.
Cole said data owners should have four copies of their data - the actual production data and three backup copies - all stored at three different sites, either on-premises or off-site. "Ransomware can infect entire infrastructure systems; if you have an immutable copy of your data unchanged by any potential bad actor in the system, a full recovery can still be made," he said.