Netgear says sorry four weeks after losing customer backups
Critical design bug caused havoc on 30 March
Neatgear has cocked up its cloud management service, losing data stored locally on ReadyNAS devices' shared folders worldwide – and customers have complained to The Register about only being informed four weeks later.
This week, the San Jose-based networking business sent an email to customers, seen by The Register, confirming that an "outage" affecting ReadyCLOUD, the free service for its network attached storage offering, caused the storage systems to disconnect from the cloud service and be marked as deleted at the end of March.
Compounding the issue, as part of a clean-up process, Netgear decided that when a ReadyCloud account is marked as closed, the NAS holding that account's home folder should be deleted along with all of the data it was holding.
As one user complained to The Register: "In practice, accounts are generally deleted from the NAS admin screen by the user and a big warning flashes up to tell you that all data will be deleted. In this case, as the glitch was server side, no warning was presented and loads of people found that their home folders and data had mysteriously been deleted, by the looks of it, at the command of Netgear."
The Reg reader got in touch to say that the outage lost all of his photographs of a trip with his 18-month-old daughter to Disneyland, and complained that despite Netgear's claims they had identified all users, the company had not yet contacted him.
The Register asked Netgear what the cause of the incident was, in response to which the company told us it was "a server outage".
"There was no outside or malicious action that caused this issue," said the spokesman. "It was caused by an internal server-side interruption. Should note that ReadyCLOUD is an enterprise VPN grade remote access solution and at no point has it ever been compromised."
Netgear said it "cannot estimate at this point that any data loss has taken place given that we are actively working with those affected by the outage to help recover their data."
"The affected number of users was between 40 and 50," the spokesperson claimed, "of which mostly were consumers and not business. We encourage anyone who may think that they have been impacted by this outage to contact us for assistance as soon as possible."
In response to our questions regarding the four-week delay, the spokesperson said: "We had immediately reached out to those registered users who appeared to have been affected by the outage.
"To err on the side of caution, Netgear then subsequently expanded our outreach to the larger community to ensure that no one who may have been exposed by the incident had been overlooked," they added. "It should also be noted the importance of registering Netgear products. We encourage product registration for instances such as this when communication to our customers becomes necessary.
"We have already identified the root cause in our server software and applied a patch immediately after the incident occurred. We are currently working with each impacted user to recover as much of their data as possible using custom data recovery tools," the spokesperson added. ®
Sponsored: Becoming a Pragmatic Security Leader