Data loss. From burnt up scrolls to corrupted servers, data loss has plagued humanity since the dawn of written history.
Now, in the Information Age, we’ve never had so much data at once—or so much to lose. In this article, we look back at the five worst data loss disasters in recorded history and what could have been done to avoid them.
1. A Criminal Case of Data Loss: UK Government Loses Prisoner Data
You’d assume that prisons are secure places. Especially prisons run by the UK Government. But in 2009, the UK home office lost confidential information on every prisoner in the country, including more than 40,000 serious offenders who had committed violent and sexual crimes.
So how did they lose the criminal’s data in the first place? One employee transferred all the data from a secure server onto a USB stick. Then, they lost the USB stick. The USB data was in an unencrypted format. This definitely deserves to be on the list of worst data loss disasters.
The moral of the story: Make sure you have clear, concise IT security policies, and maybe specify that employees shouldn’t download the entire UK prisoner list onto a USB in unencrypted format.
2. A Data Disk with 25 Million People’s Personal Details, Lost in Post
You’d think the UK Government losing prisoner information was bad. But what was worse was it wasn’t the first data loss scandal in 24 months. The previous year, in 2008, they posted a data disk with the personal records of 25 million individuals… then lost it in transit.
This included dates of birth, addresses, bank account and national insurance numbers. Worse, it had the information over all families in the UK claiming child benefit, including information on 15,5 million children. It was also not securely encrypted.
The moral of the story: Nobody should be sending so much critical data via disk and post. Data should be sent digitally in an encrypted format between two trusted sources. The data transfer also should have been registered and recorded.
3. Data on 26 Million US Veterans Lost, Years of Federal Lawsuits
The U.S. Government aren’t immune to data loss either. In 2006, a data analyst for the Department of Veterans Affairs had his laptop and external hard drive stolen from his home.
This might not have been a big deal, except it just so happened to have the personal information of 26.5 million military veterans and military personnel on it. This means names, birthdates, social security numbers, etc. It was the largest security breach in U.S. Government history—and one of the worst data loss disasters of modern times.
The whole debacle lead to a nationwide search. Eventually, the laptop was found after a $50,000 reward was publicly offered. While the FBI announced the data had thankfully not been accessed, the incident lead to a class-action lawsuit on behalf of the men and women whose data was on the laptop.
After three years of litigation, the Department of Veteran Affairs had to pay out $20 million over the embarrassing data loss incident.
The moral of the story: Bring your own device (BYOD) is a double-edged sword and a potential security risk. Make sure devices for work are password protected and remote-wipe is enabled, so your IT service provider can shut them down remotely if they’re lost or stolen.
4. Death of a Social Software Star: Ma.Gnolia
In terms of global significance, the collapse of Ma.gnolia may seem small. But it is a cautionary tale and the worst data loss disaster to ever hit a business.
Who is Ma.gnolia, you ask? From 2005 to 2009, Ma.gnolia was an up-and-coming social bookmarking website. At the time, it distinguished itself from its competitors with the ability to store snapshots of bookmarked web pages and share groups of bookmarks between users. Among the early adopters of open standards, it was a pioneer in its field, and everyone expected it to take and keep a large chunk of the social bookmarking market share.
Then, in January 2009, disaster struck. The Ma.gnolia servers lost all their data in a complete outage. Due to data corruption, all user data was irretrievable, rendering the site essentially dead. While they had a single on-site backup, it had duplicated the corruption, and there was no off-site backup to recover their servers from.
Attempts were made to revive the budding business as ‘Gnolia’, but to no avail. The business was shut down for good in 2010, taken out by a single outage.
The moral of the story: The CEO of Ma.gnolia admitted if the business had an off-site backup, their business wouldn’t have experienced such a data catastrophe. If they’d implemented a 3-2-1 backup strategy along with a reliable backup software (e.g. BackupAssist), Ma.gnolia would still be around today.
5. The First Data Loss Disaster: Library of Alexandria
It may be shocking for Millennials to hear, but before laptops and PCs, people kept their data stored in books (We’re not even talking Kindles here).
So when the Library of Alexandria in Egypt burned down in 300BC, taking with it 500,000 scrolls containing advanced and irreplaceable works of mathematics, astronomy, physics, poetry etc, the data loss was so great we’re still hearing about it over two centuries after the fact.
That makes it a strong contender for ‘worst data loss disaster of all time’, don’t you think?
The moral of the story: Firstly, no setting fires in the library. Secondly? Maybe make redundant copies of your works. Having a single copy of each book is just asking for trouble. Computers not being invented is no excuse for data loss!
(Dis)honorable Mentions for Worst Data Loss Disasters
Especially in modern history, there’s countless examples of people just not protecting their data properly. Here are some candidates that almost made our ‘Worst Data Loss’ list:
• British Royal Navy (2008): In the wake of the UK Government losing 25 million people’s data, a British Royal Navy Officer left his laptop in a car… with the details of everyone who applied to join the armed forces (Army, Marines, Air Force) for the last ten years on it. It was stolen, along with the 600,000 applicants information.
• Daily Mail (2008): During these data loss disasters, the Daily Mail was rightly taking these “criminally careless” UK organizations to task. But then the paper lost one of its laptops with the personal information of thousands of its employees on it—including bank account numbers. Those in glass houses…?
• Los Alamos (Since always): Almost every five to ten years, the Los Alamos National Laboratory in New Mexico—where the U.S. conducts nuclear weapons research—somehow experiences data loss. Even though they’ve got a vault for their secure top-secret data, hard drives with nuclear secrets go missing. Sometimes they’re found behind copiers and staff wait over three weeks to disclose the missing drives. Even though these data loss debacles date back to the cold war, the U.S. Government has just recently started fining them.
• Health Net (2011): Health Net, a provider of managed health care services, lost nine server drives with 1.9 million customer’s personal and health data. It contained names, addresses, social security numbers, financial information, and health data of current and former members, employees and health care providers.
• Samsung (2014): You’d think a telecommunications titan like Samsung would know to back up their data. But in April 2014, it became apparent Samsung didn’t when its data center in South Korea burned to the ground. At first, it seemed like several hours out mobile outage was the worst to come of it… until Samsung realised it had not backed up certain data stored only on the South Korean servers. It just goes to show, nobody’s too big to fail.
What All Of Them Needed!
No matter their size or shape, all of these organizations and businesses needed a sound data protection plan. You can avoid making the same costly mistakes by implementing a 3-2-1 Backup strategy. Always have three recent backups on two different media, and one off-site backup!
To do that, you need a reliable backup and recovery software, preferably one that includes high-level AES Encryption in its base package. We recommend BackupAssist, especially since it offers a 30-day free trial.