Google Mistakenly Deletes Data from $135 Billion Pension Fund
Google’s cloud platform deleted UniSuper’s entire customer account, along with all backups.
UniSuper, a major Australian superannuation provider with 647,000 members, disclosed that Google’s Cloud service unintentionally erased primary data and its backups.
Fortunately, the $135 billion ($89.56 billion) fund managed to recover by utilizing another service for data backup.
According to the incident log, the downtime initiated on May 2 and complete restoration of services took place on May 15.
The UniSuper website shared a joint statement from UniSuper CEO Peter Chun and Google Cloud CEO Thomas Kurian addressing the issue.
“Google Cloud CEO Thomas Kurian confirmed that the disruption occurred due to an unprecedented sequence of events resulting in the deletion of UniSuper’s Private Cloud subscription,” the statement said.
“This incident, labeled as a ‘one-of-a-kind occurrence,’ had never happened before with any of Google Cloud’s clients globally. Google Cloud acknowledges the events that led to this problem and has implemented measures to prevent it from happening again.”
Related Stories
The statement elaborates on the delay in restoring the data, stating, “UniSuper had redundant data in two locations as a precaution against outages and data loss. However, when the deletion of UniSuper’s Private Cloud subscription occurred, it impacted both of these locations.”
It appears that Google Cloud’s mechanisms to prevent account deletion failed, necessitating a restore from another cloud service provider.
The technology giant promptly confirmed post-data loss that the issue was not a cyberattack and that “no data was exposed to unauthorized third parties.”
Engineer Attributes Outage to Simple Bug
Although Google has not provided specifics on what transpired, software engineer Daniel Compton examined the outage and determined that the problem stemmed from the creation of the account.
Compton explains, “A bug led to the entry of an incorrect value, resulting in the private cloud being created with a one-year subscription instead of a perpetual one.”
“After one year, Google Cloud automatically deleted the private cloud,” he states.
“The press release uses vague language, obscuring the technical details of what happened… [but] it is evident that this was indeed a Google Cloud bug. I am puzzled why the communication about this incident was subpar. The silence from Google Cloud led many to believe that they had erased a company’s entire Google Cloud environment.”
Compton hopes that APRA, Australia’s superannuation regulator, will look into the incident.
