Canon coding error leads to permanent loss of users' files

Canon has confirmed that some users’ media has been permanently lost following a coding error that arose from a botched attempt to switch its service to new software.

The company attempted to switch its cloud-based media hosting service to a new version of the software that controls these services on 30 July, but soon identified an issue involving the 10GB long-term storage option.

In order to further investigate the problem, Canon temporarily took down both the mobile and web-based applications, leading to an outage that coincided with a suspected ransomware attack, although the two incidents are entirely unrelated.

Canon identified that some of the photos and video files saved in the 10GB long-term storage before 16 June were lost, although the still image thumbnails were unaffected. After resolving the issue, Canon restored the services on 4 August.

An update issued by the firm revealed the code to control the short-term storage operated on both the short-term storage and long-term storage functions, which directly caused the loss of some images stored for more than 30 days. Canon hasn’t indicated how many users were affected, or the scale of losses from the cloud service disruption.

“There is no technical measure to restore lost video images,” the company said on the website. “Still images can be restored, but not with original resolutions. We offer our deepest apologies to affected users.”

The incident exposes one of the major shortcomings of cloud computing, in that it relies on customers entrusting their data to third parties to host safely and securely. Although, for the most part, cloud hosting services, whether it’s Dropbox or Google Drive, have a strong track record, one slip-up could shatter customer trust.


Introducing VMDR: Vulnerability Management, Detection and Response

The all-in-one vulnerability management service


Canon customers, many of which are professional photographers who rely on the cloud hosting service, have encouraged others to follow the “3-2-1 rule” following the incident; three copies comprising two onsite backups and one offsite backup.

The outage occurred in parallel with a suspected Maze ransomware attack, in which two dozen domains were rendered offline and the hackers reportedly compromised 10TB of data.

“We are aware that Canon USA are experiencing system issues – an investigation is currently taking place," a spokesperson told IT Pro at the time. "We can confirm however that this is unrelated to the data loss we experienced on earlier this week.”

Keumars Afifi-Sabet
Features Editor

Keumars Afifi-Sabet is a writer and editor that specialises in public sector, cyber security, and cloud computing. He first joined ITPro as a staff writer in April 2018 and eventually became its Features Editor. Although a regular contributor to other tech sites in the past, these days you will find Keumars on LiveScience, where he runs its Technology section.