Click here to close now.




















Welcome!

@CloudExpo Authors: Liz McMillan, Pat Romanski, Mike Kavis, Don MacVittie, Elizabeth White

Related Topics: @CloudExpo

@CloudExpo: Article

Carbonite Loses Cloud-Based Data, Sues Storage Vendor

The service raised $46 million in venture funding

Carbonite, the online backup vendor, says it lost data belonging to over 7,500 customers in a number of separate incidents in a suit filed in Massachusetts charging Promise Technology Inc with supplying it with $3 million worth of defective storage, according to a story in Saturday’s Boston Globe.

The catastrophe is the latest in a series of cloud failures.

Carbonite charges Promise with fraud, unfair and deceptive business practices, and breach of contract.

Carbonite is also suing system integrator Interactive Digital Systems Inc, who brought the storage in, claiming breach of warranty.

The widgetry was supposed to detect disk failures and transfer the data to a working drive. It allegedly didn’t.

The story says Promise couldn’t fix the errors and “Carbonite’s senior engineers, senior management and senior operations personnel…spent enormous amounts of time dealing with the problems.”

Carbonite claims the data losses caused “serious damage” to its business and reputation for reliability. It’s demanding unspecified damages. Promise told the Globe there was “no merit to the allegations.”

The suit was filed in Suffolk Superior Court.

Carbonite, which sells largely to consumers and small businesses and competes with EMC’s Mozy, tells its customers: “never worry about losing your files again.”


Dear Maureen,

I noticed that you covered Carbonite's lawsuit against Promise Technologies and I would like to make sure that your readers understand two points with regard to the lawsuit:

  • 1) The data loss event discussed in the lawsuit happened over a year ago. We do not say this to minimize the matter, but it's important for your readers to know that we stopped buying the servers that caused the problem a long time ago. This is not a current problem.
  • 2) The total number of Carbonite customers who were unable to retrieve their data was 54, not 7,500.

Here is what happened: The Promise servers that we were purchasing in 2006 and 2007 use RAID technology to spread data redundantly across 15 disk drives so that if any one disk drive fails, you don't lose any data. The RAID software that makes all this work is embedded as "firmware" in the storage servers.  In this case, we believe that the firmware on the servers had bugs that caused the servers to crash.  Carbonite automatically restarted all 7,500 backups and more than 99% of these were completely restored without incident.   Statistically, about 2 out of every 1,000 consumer hard drives will crash every week, so 54 of these customers had their PCs crash before their re-started backups were complete.  Since they weren't completely backed up when their PCs crashed, these customers were unable to restore all of their files from Carbonite.  Most of the 54 got some or most of their data back.  We took full responsibility for what happened and I did my best to call each of these customers personally to apologize. 

As a result of our problems with the Promise servers, a couple of years ago we switched to a popular Dell server that uses RAID6 - an improved RAID that allows for the loss of 3 of the 15 drives simultaneously before you lose any data. This configuration is in theory 36 million times more reliable than a single disk drive - the chances of 3 out of 15 drives failing at the same time are almost nil. 

So far, Promise has refused to accept responsibility for their equipment's failures, so now we are suing them to get our money back. The Dell RAID servers have been flawless and we're extremely happy with them.

We'd appreciate anything you can do to make sure that your readers understand the facts.  Please feel free to call me if you need further clarification. 

Regards,

Dave Friend

David Friend | Chairman & CEO
Carbonite, Inc. | 334 Boylston St., 3rd Floor | Boston, MA | 02116
Office: 617-587-1110 | Fax: 617-587-1101
www.carbonite.com  
Backup.  Simple.

More Stories By Maureen O'Gara

Maureen O'Gara the most read technology reporter for the past 20 years, is the Cloud Computing and Virtualization News Desk editor of SYS-CON Media. She is the publisher of famous "Billygrams" and the editor-in-chief of "Client/Server News" for more than a decade. One of the most respected technology reporters in the business, Maureen can be reached by email at maureen(at)sys-con.com or paperboy(at)g2news.com, and by phone at 516 759-7025. Twitter: @MaureenOGara

Comments (5) View Comments

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


Most Recent Comments
brettraynes 05/13/09 04:44:00 AM EDT

I agree with nschrenk about Carbonite probably relying on a single RAID volume. They don't say, so we cannot be sure.

But, they do blame RAID for the loss and claim that going to RAID6 will solve the problem.

As a minimum data needs to be replicated into separate geographically separate locations - mitigate against RIAD issues or any other single location problems.

S3 does this, but so do other professional services such as the ones we rely on (Connected, LiveVault, Attix5 and Asigra).

Suffice to say that customers should ask the question before using any service and entrusting their critical business data.

Could someone from Carbonite clarify this for us please – if a customer’s data is stored in multiple locations, then this add a ton of confidence – and would help us endorse the service as meeting best practice.

Brett Raynes
Managing Direct, Backup Direct
www.backupdirect.net
www.twitter.com/brettraynes1

nschrenk 05/12/09 10:41:00 AM EDT

I infer from this story that Carbonite stores a single copy of its customers' data on a RAID6 volume in one location. And they used to do the same thing, but with RAID5. If this isn't true, please correct me, but if it is, it sure wouldn't make me feel secure.

Just think of all the types of single-machine failures that could result in data loss! What if the power supply goes bad and fries the electronics in all of the drives in the system simultaneously? What if a small fire roasts all the drives in the system? What if an administrator makes a mistake on one of the systems?

A backup service built on top of a much more robust storage system like Amazon S3 would make me feel a whole lot more secure than what Carbonite appears to offer. Keeping a copy of the data on another machine in the same data center is a minimum requirement, and keeping a copy on a machine in a different data center would be nice.

brettraynes 05/12/09 09:52:00 AM EDT

Backup Direct (www.backupdirect.net) has been supplying business-grade online backup services for seven years. We like to think we know what we are doing and have seen enough examples of the good, the bad and the ugly in this industry!

We are in the fortunate position of using other vendors' technologies – not our own – and select suppliers based on a detailed knowledge of our customers' requirements and the vendors’ capabilities.
From an outsider's point-of-view, it seems that Carbonite is blaming the hardware from Promise for the data loss; whilst Promise is saying that Carbonite did not know what they were doing (see their guarded response on their site).

Now, as Carbonite has/had been going for a few years max and Promise has/had 20-years of experience – I think one can infer (but not prove) that Carbonite should shoulder at least some of the blame for this loss. It looks a little like they are 'workmen blaming their tools'.

We have seen this happen before. It is so easy to put up a web site and some code to backup data – but to make it work in a scaled-up environment is hugely more complex. To argue that RAID6 is 36-million times more reliable to than RAID5 shows naivety in the extreme – and a lack of deep understanding of the real issues – some of which include people, processes, design...There is a very low barrier to entry in the online backup industry – which puts customer data at risk.

Connected's technology from Iron Mountain forms the core of our PC backup service. It has over three million paying users (I stress 3m pay to use it – not free). Companies having chosen it after proper due-diligence include: Intel, Hilton, Amazon, Google, Boeing, PwC, Grant Thornton, Logica...

These companies put effort into selecting vendors. But the standard small business or home user cannot do this. They are left to rely on the marketing 'hype' from certain vendors – which evidently can be weightier than the service infrastructure behind it.
Connected has been developed over 15-20 years and is proven. I have seen it have problems and suffered as these have been ironed out. I certainly know that a problem at RAID level would not have resulted in data.

Brett Raynes
Managing Director, Backup Direct
www.backupdirect.net
[email protected]
www.twitter.com/brettraynes1

vchar 04/01/09 02:54:00 PM EDT

Carbonite customers’ data loss is not Promise’s fault. For some more context on this case, see Promise's response in a letter sent to customers this week at www.promise.com/ support/ Announcements.asp

onlinebackups 03/24/09 09:29:24 AM EDT

You failed to mention this data loss happened back in 2007, and only a small handful of customers were actually affected. Once Carbonite realized the disk failure, they flagged those files to be backed up again, and were transferred from the user's PC to Carbonite's backup servers again. Carbonite is still a good backup system, although I still prefer Mozy.

@CloudExpo Stories
Mobile, social, Big Data, and cloud have fundamentally changed the way we live. “Anytime, anywhere” access to data and information is no longer a luxury; it’s a requirement, in both our personal and professional lives. For IT organizations, this means pressure has never been greater to deliver meaningful services to the business and customers.
"We've just seen a huge influx of new partners coming into our ecosystem, and partners building unique offerings on top of our API set," explained Seth Bostock, Chief Executive Officer at IndependenceIT, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
SYS-CON Events announced today that HPM Networks will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. For 20 years, HPM Networks has been integrating technology solutions that solve complex business challenges. HPM Networks has designed solutions for both SMB and enterprise customers throughout the San Francisco Bay Area.
Learn how you can use the CoSN SEND II Decision Tree for Education Technology to make sure that your K–12 technology initiatives create a more engaging learning experience that empowers students, teachers, and administrators alike.
Container technology is sending shock waves through the world of cloud computing. Heralded as the 'next big thing,' containers provide software owners a consistent way to package their software and dependencies while infrastructure operators benefit from a standard way to deploy and run them. Containers present new challenges for tracking usage due to their dynamic nature. They can also be deployed to bare metal, virtual machines and various cloud platforms. How do software owners track the usag...
As Marc Andreessen says software is eating the world. Everything is rapidly moving toward being software-defined – from our phones and cars through our washing machines to the datacenter. However, there are larger challenges when implementing software defined on a larger scale - when building software defined infrastructure. In his session at 16th Cloud Expo, Boyan Ivanov, CEO of StorPool, provided some practical insights on what, how and why when implementing "software-defined" in the datacent...
As organizations shift towards IT-as-a-service models, the need for managing and protecting data residing across physical, virtual, and now cloud environments grows with it. CommVault can ensure protection and E-Discovery of your data – whether in a private cloud, a Service Provider delivered public cloud, or a hybrid cloud environment – across the heterogeneous enterprise. In his session at 17th Cloud Expo, Randy De Meno, Chief Technologist - Windows Products and Microsoft Partnerships at Com...
SYS-CON Events announced today that VividCortex, the monitoring solution for the modern data system, will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. The database is the heart of most applications, but it’s also the part that’s hardest to scale, monitor, and optimize even as it’s growing 50% year over year. VividCortex is the first unified suite of database monitoring tools specifically desi...
The Software Defined Data Center (SDDC), which enables organizations to seamlessly run in a hybrid cloud model (public + private cloud), is here to stay. IDC estimates that the software-defined networking market will be valued at $3.7 billion by 2016. Security is a key component and benefit of the SDDC, and offers an opportunity to build security 'from the ground up' and weave it into the environment from day one. In his session at 16th Cloud Expo, Reuven Harrison, CTO and Co-Founder of Tufin,...
In their session at 17th Cloud Expo, Hal Schwartz, CEO of Secure Infrastructure & Services (SIAS), and Chuck Paolillo, CTO of Secure Infrastructure & Services (SIAS), provide a study of cloud adoption trends and the power and flexibility of IBM Power and Pureflex cloud solutions. In his role as CEO of Secure Infrastructure & Services (SIAS), Hal Schwartz provides leadership and direction for the company.
SYS-CON Events announced today that MobiDev, a software development company, will exhibit at the 17th International Cloud Expo®, which will take place November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. MobiDev is a software development company with representative offices in Atlanta (US), Sheffield (UK) and Würzburg (Germany); and development centers in Ukraine. Since 2009 it has grown from a small group of passionate engineers and business managers to a full-scale mobi...
There are many considerations when moving applications from on-premise to cloud. It is critical to understand the benefits and also challenges of this migration. A successful migration will result in lower Total Cost of Ownership, yet offer the same or higher level of robustness. In his session at 15th Cloud Expo, Michael Meiner, an Engineering Director at Oracle, Corporation, analyzed a range of cloud offerings (IaaS, PaaS, SaaS) and discussed the benefits/challenges of migrating to each offe...
Digital Transformation is the ultimate goal of cloud computing and related initiatives. The phrase is certainly not a precise one, and as subject to hand-waving and distortion as any high-falutin' terminology in the world of information technology. Yet it is an excellent choice of words to describe what enterprise IT—and by extension, organizations in general—should be working to achieve. Digital Transformation means: handling all the data types being found and created in the organizat...
Chuck Piluso presented a study of cloud adoption trends and the power and flexibility of IBM Power and Pureflex cloud solutions. Prior to Secure Infrastructure and Services, Mr. Piluso founded North American Telecommunication Corporation, a facilities-based Competitive Local Exchange Carrier licensed by the Public Service Commission in 10 states, serving as the company's chairman and president from 1997 to 2000. Between 1990 and 1997, Mr. Piluso served as chairman & founder of International Te...
With SaaS use rampant across organizations, how can IT departments track company data and maintain security? More and more departments are commissioning their own solutions and bypassing IT. A cloud environment is amorphous and powerful, allowing you to set up solutions for all of your user needs: document sharing and collaboration, mobile access, e-mail, even industry-specific applications. In his session at 16th Cloud Expo, Shawn Mills, President and a founder of Green House Data, discussed h...
One of the hottest areas in cloud right now is DRaaS and related offerings. In his session at 16th Cloud Expo, Dale Levesque, Disaster Recovery Product Manager with Windstream's Cloud and Data Center Marketing team, will discuss the benefits of the cloud model, which far outweigh the traditional approach, and how enterprises need to ensure that their needs are properly being met.
The Internet of Everything (IoE) brings together people, process, data and things to make networked connections more relevant and valuable than ever before – transforming information into knowledge and knowledge into wisdom. IoE creates new capabilities, richer experiences, and unprecedented opportunities to improve business and government operations, decision making and mission support capabilities.
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at @ThingsExpo, James Kirkland, Red Hat's Chief Arch...
Malicious agents are moving faster than the speed of business. Even more worrisome, most companies are relying on legacy approaches to security that are no longer capable of meeting current threats. In the modern cloud, threat diversity is rapidly expanding, necessitating more sophisticated security protocols than those used in the past or in desktop environments. Yet companies are falling for cloud security myths that were truths at one time but have evolved out of existence.
Public Cloud IaaS started its life in the developer and startup communities and has grown rapidly to a $20B+ industry, but it still pales in comparison to how much is spent worldwide on IT: $3.6 trillion. In fact, there are 8.6 million data centers worldwide, the reality is many small and medium sized business have server closets and colocation footprints filled with servers and storage gear. While on-premise environment virtualization may have peaked at 75%, the Public Cloud has lagged in adop...