The City of Dallas released an initial analysis of the data breach and loss suffered by the Dallas Police Department in Spring 2021. The analysis found that a total of 22 terabytes (TB) of data had been lost, but through the efforts of analysts and advisors from Microsoft, the City was able to recover 14.49 TB of data. The remaining 7.51 TB is presumed deleted and lost forever.
The breach occurred when data was being transferred from a third-party cloud storage provider to an on-site system. The loss of data primarily impacted the Dallas Police Department. The report states that the majority of the lost information related to Family Violence cases that were either currently being investigated, were prosecutable, or were adjudicated. Additional files also contained reports of evidence gathered while investigating possible crimes.
The report found that there were two instances of data breaches. The first instance that led to the audit was the result of actions by a city IT employee. The report states that on March 30, a “backup technician” began an unauthorized “Hard Client Delete” process. Data loss was not discovered until April 5, when city personnel started having problems accessing archived files. The tech immediately began the recovery process and was able to recover 11 TB of data that day.
In all, around 4.1 million files have been permanently lost. The files include archived photographs, police reports, investigative files, and other data not duplicated on other servers. The audit identified other improper movements of data but verified that hundreds of millions of deleted files had been backed up on other servers.
The report cites several areas of improvement that it recommends the City take to prevent data loss in the future.
“The City has undeveloped data governance and data management policies, standards, and procedures in place,” the report reads. “A basic Data Management Strategy document is published on the city’s external website, but the document is out of date and has not been implemented as a formal activity and process within the city’s data environment.”
The report found that to what extent data management policies were in place within the various city departments, the guidelines were primarily governed by existing regulations, not intended to securely manage the flow of data.
The report says that the failure of the City to implement and enforce safe data practices was a factor in “the loss and resulting inability to recover the Dallas Police Department Data.”
“The City understands the seriousness and potential impacts of this data loss, and we are committed to improving how we manage our data to ensure its security and integrity,” said City Manager T.C. Broadnax in a press release. “In this report, our IT Department provides a path forward with a series of direct and actionable recommendations to improve our management of data and guard against any future data loss.”
The report does not address disciplinary actions dealing with employees or make recommendations about employment practices resulting from the data loss.
