Welcome!

Cloud Expo Authors: Greg O'Connor, Krisandra Russo, Roger Strukhoff, RealWire News Distribution, Tong Liu

Related Topics: Cloud Expo

Cloud Expo: Article

Carbonite Loses Cloud-Based Data, Sues Storage Vendor

The service raised $46 million in venture funding
By Maureen O'Gara
Article Rating:
March 22, 2009 06:00 AM EDT
Reads:
 4,004

Carbonite, the online backup vendor, says it lost data belonging to over 7,500 customers in a number of separate incidents in a suit filed in Massachusetts charging Promise Technology Inc with supplying it with $3 million worth of defective storage, according to a story in Saturday’s Boston Globe.

The catastrophe is the latest in a series of cloud failures.

Carbonite charges Promise with fraud, unfair and deceptive business practices, and breach of contract.

Carbonite is also suing system integrator Interactive Digital Systems Inc, who brought the storage in, claiming breach of warranty.

The widgetry was supposed to detect disk failures and transfer the data to a working drive. It allegedly didn’t.

The story says Promise couldn’t fix the errors and “Carbonite’s senior engineers, senior management and senior operations personnel…spent enormous amounts of time dealing with the problems.”

Carbonite claims the data losses caused “serious damage” to its business and reputation for reliability. It’s demanding unspecified damages. Promise told the Globe there was “no merit to the allegations.”

The suit was filed in Suffolk Superior Court.

Carbonite, which sells largely to consumers and small businesses and competes with EMC’s Mozy, tells its customers: “never worry about losing your files again.”


Dear Maureen,

I noticed that you covered Carbonite's lawsuit against Promise Technologies and I would like to make sure that your readers understand two points with regard to the lawsuit:

  • 1) The data loss event discussed in the lawsuit happened over a year ago. We do not say this to minimize the matter, but it's important for your readers to know that we stopped buying the servers that caused the problem a long time ago. This is not a current problem.
  • 2) The total number of Carbonite customers who were unable to retrieve their data was 54, not 7,500.

Here is what happened: The Promise servers that we were purchasing in 2006 and 2007 use RAID technology to spread data redundantly across 15 disk drives so that if any one disk drive fails, you don't lose any data. The RAID software that makes all this work is embedded as "firmware" in the storage servers.  In this case, we believe that the firmware on the servers had bugs that caused the servers to crash.  Carbonite automatically restarted all 7,500 backups and more than 99% of these were completely restored without incident.   Statistically, about 2 out of every 1,000 consumer hard drives will crash every week, so 54 of these customers had their PCs crash before their re-started backups were complete.  Since they weren't completely backed up when their PCs crashed, these customers were unable to restore all of their files from Carbonite.  Most of the 54 got some or most of their data back.  We took full responsibility for what happened and I did my best to call each of these customers personally to apologize. 

As a result of our problems with the Promise servers, a couple of years ago we switched to a popular Dell server that uses RAID6 - an improved RAID that allows for the loss of 3 of the 15 drives simultaneously before you lose any data. This configuration is in theory 36 million times more reliable than a single disk drive - the chances of 3 out of 15 drives failing at the same time are almost nil. 

So far, Promise has refused to accept responsibility for their equipment's failures, so now we are suing them to get our money back. The Dell RAID servers have been flawless and we're extremely happy with them.

We'd appreciate anything you can do to make sure that your readers understand the facts.  Please feel free to call me if you need further clarification. 

Regards,

Dave Friend

David Friend | Chairman & CEO
Carbonite, Inc. | 334 Boylston St., 3rd Floor | Boston, MA | 02116
Office: 617-587-1110 | Fax: 617-587-1101
www.carbonite.com  
Backup.  Simple.

Published March 22, 2009 – Reads 4,004
Copyright © 2009 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.

More Stories By Maureen O'Gara

Maureen O'Gara the most read technology reporter for the past 20 years, is the Cloud Computing and Virtualization News Desk editor of SYS-CON Media. She is the publisher of famous "Billygrams" and the editor-in-chief of "Client/Server News" for more than a decade. One of the most respected technology reporters in the business, Maureen can be reached by email at maureen(at)sys-con.com or paperboy(at)g2news.com, and by phone at 516 759-7025.

Comments (5) View Comments

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.

Most Recent Comments
brettraynes 05/13/09 04:44:00 AM EDT

I agree with nschrenk about Carbonite probably relying on a single RAID volume. They don't say, so we cannot be sure.

But, they do blame RAID for the loss and claim that going to RAID6 will solve the problem.

As a minimum data needs to be replicated into separate geographically separate locations - mitigate against RIAD issues or any other single location problems.

S3 does this, but so do other professional services such as the ones we rely on (Connected, LiveVault, Attix5 and Asigra).

Suffice to say that customers should ask the question before using any service and entrusting their critical business data.

Could someone from Carbonite clarify this for us please – if a customer’s data is stored in multiple locations, then this add a ton of confidence – and would help us endorse the service as meeting best practice.

Brett Raynes
Managing Direct, Backup Direct
www.backupdirect.net
www.twitter.com/brettraynes1
nschrenk 05/12/09 10:41:00 AM EDT

I infer from this story that Carbonite stores a single copy of its customers' data on a RAID6 volume in one location. And they used to do the same thing, but with RAID5. If this isn't true, please correct me, but if it is, it sure wouldn't make me feel secure.

Just think of all the types of single-machine failures that could result in data loss! What if the power supply goes bad and fries the electronics in all of the drives in the system simultaneously? What if a small fire roasts all the drives in the system? What if an administrator makes a mistake on one of the systems?

A backup service built on top of a much more robust storage system like Amazon S3 would make me feel a whole lot more secure than what Carbonite appears to offer. Keeping a copy of the data on another machine in the same data center is a minimum requirement, and keeping a copy on a machine in a different data center would be nice.
brettraynes 05/12/09 09:52:00 AM EDT

Backup Direct (www.backupdirect.net) has been supplying business-grade online backup services for seven years. We like to think we know what we are doing and have seen enough examples of the good, the bad and the ugly in this industry!

We are in the fortunate position of using other vendors' technologies – not our own – and select suppliers based on a detailed knowledge of our customers' requirements and the vendors’ capabilities.
From an outsider's point-of-view, it seems that Carbonite is blaming the hardware from Promise for the data loss; whilst Promise is saying that Carbonite did not know what they were doing (see their guarded response on their site).

Now, as Carbonite has/had been going for a few years max and Promise has/had 20-years of experience – I think one can infer (but not prove) that Carbonite should shoulder at least some of the blame for this loss. It looks a little like they are 'workmen blaming their tools'.

We have seen this happen before. It is so easy to put up a web site and some code to backup data – but to make it work in a scaled-up environment is hugely more complex. To argue that RAID6 is 36-million times more reliable to than RAID5 shows naivety in the extreme – and a lack of deep understanding of the real issues – some of which include people, processes, design...There is a very low barrier to entry in the online backup industry – which puts customer data at risk.

Connected's technology from Iron Mountain forms the core of our PC backup service. It has over three million paying users (I stress 3m pay to use it – not free). Companies having chosen it after proper due-diligence include: Intel, Hilton, Amazon, Google, Boeing, PwC, Grant Thornton, Logica...

These companies put effort into selecting vendors. But the standard small business or home user cannot do this. They are left to rely on the marketing 'hype' from certain vendors – which evidently can be weightier than the service infrastructure behind it.
Connected has been developed over 15-20 years and is proven. I have seen it have problems and suffered as these have been ironed out. I certainly know that a problem at RAID level would not have resulted in data.

Brett Raynes
Managing Director, Backup Direct
www.backupdirect.net
brett@backupdirect.net
www.twitter.com/brettraynes1
vchar 04/01/09 02:54:00 PM EDT

Carbonite customers’ data loss is not Promise’s fault. For some more context on this case, see Promise's response in a letter sent to customers this week at www.promise.com/ support/ Announcements.asp
onlinebackups 03/24/09 09:29:24 AM EDT

You failed to mention this data loss happened back in 2007, and only a small handful of customers were actually affected. Once Carbonite realized the disk failure, they flagged those files to be backed up again, and were transferred from the user's PC to Carbonite's backup servers again. Carbonite is still a good backup system, although I still prefer Mozy.
Cloud Expo Breaking News
By Cloud News Desk
SYS-CON Events announced today that Objectivity, a leading provider of scalable database management solutions for mission-critical, real-time and distributed applications, has been named “Bronze Sponsor” of SYS-CON's 5th...
Feb. 9, 2010 05:15 PM EST  Reads: 223
By Krisandra Russo
SYS-CON Events announced today that NetStar Systems, an IT and consulting provider supporting federal and private sectors, will exhibit at SYS-CON's 5th International Cloud Expo (www.CloudComputingExpo.com), which will t...
Feb. 9, 2010 04:30 PM EST  Reads: 331
By Liz McMillan
SYS-CON Events announced today that Ping Identity, the leader in Internet Identity Security, will exhibit at SYS-CON's 5th International Cloud Expo, which will take place on April 19-21, 2010, at the Jacob Javits Convent...
Feb. 8, 2010 06:45 PM EST  Reads: 1,029
By Krisandra Russo
Cloud Computing is receiving a lot of attention, and a number of companies see it as a key to increased agility and efficiency. The technology, however, is still at an early stage and many fundamental challenges need to ...
Feb. 8, 2010 06:30 PM EST  Reads: 1,657
By Pat Romanski
What are some of the most important cloud platform strategies any IT executive should consider? The sooner you include these concepts into your cloud roadmap, the better. In his session at the 5th International Cloud Exp...
Feb. 8, 2010 05:45 PM EST  Reads: 844
MORE »