Victoria University of Wellington accidentally nukes files on all desktop PCs
Last Friday, IT staff at the Victoria University of Wellington started a maintenance procedure aimed at reclaiming space on the university network—in theory, by removing the profiles of students who no longer attend the university. The real impact, unfortunately, was much larger—affecting students, faculty, and staff across the university.
The Critic—student magazine of the Otago University Students’ Association—reported the issue pretty thoroughly this Wednesday, although from a non-IT perspective. It sounds like an over-zealous Active Directory policy went out of bounds—the university’s Digital Solutions department (what most places would refer to as Information Technology, or IT) declared that files stored on the university network drives, or on Microsoft’s OneDrive cloud storage, were “fully protected.”
A grad student reported that not “only files on the desktop were gone” but “my whole computer had been reset, too,” which would be consistent with an AD operation removing her user profile from the machine entirely—in such a case, a user would be able to log in to the PC, but into a completely “clean” profile that looked factory new.
The same student reported hearing that some PhD students lost a year’s worth of data, saved only on their local computers and wiped by the errant maintenance procedure. For those Arsians who don’t work in IT themselves, there’s a lesson here—be careful where, and how, you save your data.
It’s unclear whether the university accidentally wiped users’ files on its network drives at all—but even if it did, there’s a very strong, reasonable expectation that those drives would be backed up regularly and completely. No such expectation exists for the local drive on a user’s PC or laptop—if the only place you saved it is your own C: drive, that’s almost certainly the only place it exists.
For routine data, it’s sufficient to understand company policy on what is or is not backed up and save your data accordingly. For items of significant personal importance—such as a PhD student’s thesis—it’s unwise to rely entirely on the IT department to safeguard the data in the first place. There’s no substitute for taking responsibility for your own data and keeping regular, tested backups of your own.