Lost Data without backups.
A US utility company based in Colorado was hit by a ransomware attack in November that wiped out two decades' worth of records and knocked out billing systems that won't be restored until next week at the earliest. The attack was detailed by the Delta-Montrose Electric Association (DMEA) in a post on its website explaining …
There clearly are backups, as the article talks about data not being restored until next week.
Of course, restoring the system can't even start until the source of the ransomware has been identified, all traces of it removed, and the point of entry closed. That could take longer than the restore itself.
It may also be that the data are all backed up, but that getting everything back to a usable state requires restoring a few-days-old full backup and then replaying backed-up transactions from incremental backups until restoration of the 'current' system is achieved. If the incremental backups are also suspect after the attack then the transactions may have to be recovered from logs or re-entered by hand.
We've been seeing malware efforts like this for several years now so if you are backing up data then set up a server that does not show up on the network, is read-only and makes regular complete system backups - e.g. tapes. Restoring incremental backups takes a while when malware means that you have to restore everything ... as illustrated (but not described) by this story so a box of complete backup tapes works although restoring all the computers does take a long time.
What kind of databases these guys use if ransomware was able to encrypt them - MS Access / Excel spreadsheets on a shared drive ot MS SQL files accessible by non-administrators or some self made file based "databases", or admins are just too sloppy to trigger the attack themselves.
Maybe they are hiding something.
Just how much data does *any* company need, going back that far? I bet the vast majority of the "lost" data really isn't needed and is never, ever used or accessed.
Does it really how much Mrs Miggans paid for energy usage in January 1990? Maybe, when aggregated across her entire history, or that of other customers, but does it matter how she paid and precisely when she paid?
This post has been deleted by its author
The difference between a customer who always pays on time and one who needs chasing - is substantial in that business.
And then there are the records of properties built, wired, inspected and connected, meters installed... Obviously the vast bulk of records will be substantially newer, but a few outliers can go back a very long way. And *those* records could be very important.
"Just how much data does *any* company need, going back that far?"
It's a cooperative. If it's like the electriticy cooperative I belonged to for a few years: the customers are actually shareholders, getting back a tiny annual return based on historical usage. A pittance in monetary terms, but it's actually the whole business in legal terms. The state government does good business seizing the returns for ex-customers/shareholders who fail to update their address when they move, so they will be highly interested in how the cooperative handles this.