VFEmail (Email provider)
“Effectively gone” after destructive breach
The Catastrophe
In Feb 2019, an intruder wiped primary and backup data across U.S. servers; the founder said VFEmail was “effectively gone,” fearing 18 years of data were lost. Krebs on SecurityBleepingComputerWe Live Security
Fallout
Service collapse; customers’ historical email largely unrecoverable; partial, older backup in the Netherlands was found but far from a full restore. Digital Watch Observatory
Security Layer Failures Analysis
- ❌ Layer 1: People — Admin/process gaps around privileged activity detection.
- ❌ Layer 2: Physical — Inadequate segregation across data centers/backups.
- ❌ Layer 3: Cyber — No effective anomaly detection to stop mass disk formatting; backup systems reachable.
- ❌ Layer 4: Risk Management — No scenario planning for destructive, no-ransom attacks.
- ❌ Layer 5: Leadership — Under-resourced governance of backup architecture & access.
- ❌ Layer 6: Culture — Backups not treated as sacred/immutable operational assets.
- ❌ Layer 7: Resilience — Lack of immutable/offsite backups and rehearsed restoration paths.
ROI of Prevention
Immutable/offsite backups, SOC monitoring for destructive behavior, cross-site segregation, and CISO-led recovery objectives could have preserved continuity and customer trust. Krebs on Security