They have a third-party hosting provider that keeps backups on the same storage volume as production?
That right there is a whole other concern.
Whoever decided that backups need to be directly tied to storage volumes needs to reevaluate hardcore. I see no reason to link them directly to storage volumes, and deleting a storage volume should not delete the backups that are tied to that volume. That is a systematic flaw that was just waiting to be abused.
In this case, it was an AI agent “going rogue”, but what if it was a hostile attacker that just decided they wanted to be malicious? Deleting a storage volume, using an API key, should not delete the backups that are associated with that volume. Realistically, that should be a whole separate system, and you should be able to restore backups that are under your account to whatever volume you want to.