Data Centre

Cloud

IT blunder permanently erases 145,000 users' personal chats in KPMG's Microsoft Teams deployment – memo

'Microsoft has confirmed the Teams chat data is not recoverable'

80 Got Tips?

Exclusive The personal chat histories of 145,000 Microsoft Teams users at KPMG were inadvertently and permanently deleted this month, thanks to an IT blunder.

That's according to an internal email by Global CIO John Applegate, seen by The Register today, to other IT leaders within the organization on Friday.

Evidently, the accountancy giant's Global Technology & Knowledge (GT&K) group attempted to remove a single user's account from an active retention policy on Saturday, August 15. But the operation didn't go as planned.

This error resulted in the deletion of chat history from end users throughout KPMG

"In the execution of this change, a human error was made and the policy was applied to the entire KPMG Teams deployment instead of the specific account," said the internal memo. "This error resulted in the deletion of chat history from end users throughout KPMG."

Two KPMG spokespeople reached by phone said they were unaware of the message, though promised to make inquiries to colleagues to confirm its authenticity. They later declined to comment.

The incident's impact, the message said, varies across the company's network, affecting some groups more than others. Though the applicable retention policy has since been reverted, the effects of the chat deletion may persist through Monday, August 24.

That may be something of an understatement since the chat discussions at issue are said to have vanished forever. "Microsoft has confirmed the Teams chat data is not recoverable," the message explains.

Only personal chats were lost, it's claimed, not chats conducted as part of a Teams meeting or Teams channel, and not any files uploaded to personal chat threads.

Putting the d'oh! in Adobe: 'Years of photos' permanently wiped from iPhones, iPads by bad Lightroom app update

READ MORE

Microsoft, supposedly, put the number of affected accounts at 145,000 and is expected to provide an update on Monday. We asked Microsoft to comment on the situation and we've not heard back.

"It is highly likely that all countries have a number of users that will experience loss of 'chat' data and member firms are advised to set users’ expectations accordingly," the message says.

While GT&K is dealing with the incident, changes to KPMG's Teams environments are said to have been put on hold and service requests can be expected to receive greater scrutiny, including a product management review and a "four-eyed" check process – approval will require two people instead of just one.

The IT group is also said to be working with Microsoft "to improve policy design and behavior in Microsoft Teams" – make the app less dangerous to data – and "to automate service execution and remove human intervention in policy management" – reduce the role of problem-prone people.

The message says that on a Global CIO Steering Group call on August 19, several CIOs stressed that personal chats should not be used to store essential business data, adding that they've said as much to their respective organizations. The memo's sender suggests that IT leaders reading the note might want to make similar recommendations within their own organizations. ®

Tell us something we don't know: Tip us off securely.

Sign up to our NewsletterGet IT in your inbox daily

80 Comments

Keep Reading

Canary-build Microsoft browser blocks Microsoft extension from inflicting Microsoft search engine

Virtue is its own reward

Not one to be outdone by Microsoft, Apple's cloud fell over too. Unlike Microsoft, it hasn't said what happened

Apple TV, iCloud Mail, iWork for iCloud, App Store and more go TITSUP*

Microsoft will release a web browser for Linux next month. Repeat, Microsoft will release a browser for Linux – and it uses Google's technology

Ignite This means Linus Torvalds has definitely won, doesn't it?

Microsoft 365 Business to gain more Azure Active Directory toys... oh, and it's called Microsoft 365 Business Premium (from 21 April)

Because this Office branding shake-up isn't confusing at all

The next time Microsoft 359 craps itself, at least it'll be easier to hunt down help

Support and knowledge base articles consolidated into a single and search engine-friendly location

Microsoft cooking Azure instance types just for chip designers

Ties up with TSMC on innovation lab and banks on elasticity speeding up design pipeline

Wow, Microsoft's Windows 10 always runs Edge on startup? What could cause that? So strange, tut-tuts Microsoft

Punters asked to hand over their logs if browser keeps coming to life against their wishes

Microsoft reveals slow, staccato, disruptive auto-patching service for some Windows VMs on Azure

Not for all patches, not ASAP, not all at once, not for production workloads and maybe not worth it yet?

Microsoft releases kernel for unique (but critically panned) Surface Duo phone

Special source poured into GitHub

Microsoft submits Linux kernel patches for a 'complete virtualization stack' with Linux and Hyper-V

Linux on Azure might no longer need Windows

Tech Resources

Three reasons you need a hybrid multicloud

Businesses need their IT teams to operate applications and data in a hybrid environment spanning on-premises private and public clouds. But this poses many challenges, such as managing complex networking, re-architecting applications for the cloud, and managing multiple infrastructure silos. There is a pressing need for a single platform that addresses these challenges - a hybrid multicloud built for the digital innovation era. Just this Regcast to find out: Why hybrid multicloud is the ideal path to accelerate cloud migration.

Has Recent Rapid Cloud Adoption Increased Your Threat Risk?

It’s time to embrace cloud capabilities that can help businesses address speed to market through agility, lower TCO and an increased security posture.

IBM and Nvidia® Solutions Power Insights with the New AI

IBM is well-positioned to help organizations incorporate high-performance solutions for AI into the enterprise landscape.

SANS Institute: Cloud Security Survey Results

How do you close visibility gaps, integrate conflicting datasets from different providers and adjust your current incident response strategies to respond to cloud-specific threats?