cyber-privacy.net » Privacy » Email » CTemplar catastrophic incident with complete data loss – July 2021

CTemplar catastrophic incident with complete data loss – July 2021

  • Email
Dark screen with code

CTemplar, the highly secure webmail provider, competitor of ProtonMail, has totally lost all its client directory and all their emails on July 2021 09.

CTemplar catastrophic incident on July 2021 09

Although no message mention it on the CTemplar webmail portal, logging to you account it totally impossible since July 2021 09.

Screenshot: Unable to log in with provided credentials message on CTemplar.

Screenshot: Unable to log in with provided credentials message on CTemplar.

All accounts have been erased, as well as all their contents. CTemplar had underdone a catastrophic incident, which is terrible for its reputation.

Communication on the incident

CTemplar did not write any post and did not communicate clearly on the incident from its web portal. Just a short message on reddit mentionned the incident:

We recently had a system failure and some of our customer's data were irrecoverably lost.

We truly apologize for that. We cannot restore data from backups because we do not keep backups for security reasons. We will be revisiting that policy in the future. We will be happy to process refunds for anyone regardless of when they created their account.

If you have trouble accessing your account, please contact [email protected]. If you need help with anything else feel free to reach out to us.

Once again, we apologize for any inconveniences this might have caused.

Respectfully,
The CTemplar team
Screenshot: CTemplar incident notification on Reddit

Screenshot: CTemplar incident notification on Reddit

Email response

In addition of the Reddit communication, CTemplar has responded individually to emails they received, with a few hours delay in some cases:

Dear Customer,

We are sorry for the trouble caused. As you are probably aware, yesterday we had a catastrophic technical failure that caused partial data loss, in one way or another, to most customers.

We are doing our best to restore the normal service. For now, it is confirmed the data loss has affected most customers to a higher or lower degree. We are making sure nothing similar to this will happen again in the future by reviewing our backup policy.

Please let us know if we can do anything else to regain your trust as a customer. We need your username to restore your access and try to compensate with a membership boost.

Kind regards.
Screenshot: CTemplar's response confirming this incident (July 10 2021)

Screenshot: CTemplar’s response confirming this incident (July 10 2021)

Cause of the incident

As of July 11 2021, CTemplar did not provided any details regarding the cause of the incident. CTemplar has just acknowledged all user accounts were impacted, more or less, and some users had lost everything.

Dear Customer,

We are sorry for the trouble caused. As you are probably aware, yesterday we had a catastrophic technical failure that caused partial data loss, in one way or another, to most customers.

We are doing our best to restore the normal service. For now, it is confirmed the data loss has affected most customers to a higher or lower degree. We are making sure nothing similar to this will happen again in the future by reviewing our backup policy.

Please let us know if we can do anything else to regain your trust as a customer. We need your username to restore your access and try to compensate with a membership boost.

Kind regards.
Screenshot: CTemplar's explanation on the causes of the incident (July 10 2021)

Screenshot: CTemplar’s explanation on the causes of the incident (July 10 2021)

Failure of the backup strategy

The only clear element is the absence of an effective back-up strategy as one would expect for a paid service, which is one of the most expensive on the market. The restauration of lost emails is not possible.

CTemplar emergency support team

To get a new account and financial compensation you must contact [email protected].

How to ask for help

You need to provide the following information to [email protected]:

  • Main username or email address,
  • Payment method for paid accounts:
    • the last 4 card digits or
    • the Bitcoin transaction ID.
  • Payment date.
  • Membership type (Prime, Knight…)

CTemplar will share a recovery key so you can regain access to a new account.

When it is possible, CTemplar will assist you to see if some data can be recovered.

Reactivation of your account

After verification, CTemplar is sending you recovery code.

  1. Navigate to mail.ctemplar.com
  2. Click on “Reset Password” under the login button
  3. Click the blue link “Reset password using recovery key”
  4. Enter you recovery key, login, and new password
  5. Validate
Screenshot: Reactivation of your CTemplar account

Screenshot: Reactivation of your CTemplar account

After reactivation it is highly probable that all your emails are gone.

Compensation

If you are a free customer also experiencing these issues, CTemplar can send you a new invitation code as they don’t have another way to prove your identity.

If you are a paid customer, CTemplar will:

  • temporarily upgrade you (example: if you were Prime, you become Knight),
  • provide you with extra paid subscription time (most likely until 2023-01-01).

Follow-us on twitter

To learn how to regain your privacy, follow our tips on twitter.

This web site is not affiliated to CTemplar.

Share this post

28 thoughts on “CTemplar catastrophic incident with complete data loss – July 2021”

    1. Dear Customers,

      Firstly we want to thanks all of you who have been supportive and decided to stay with us after this horrible crisis.

      We hope that this has been a one-in-life happening and we are already doing our best efforts to prevent this in the future. Furthermore, and following our data recovery efforts we have managed to recover ALL the attachments for the accounts meeting one of these requirements:

      – Account wasn’t deleted AND you weren’t forced to reset your account
      OR
      – Account wasn’t deleted AND you were forced to reset your account AND you had downloaded the keys
      OR
      – Account was deleted AND you remember your registration date AND you had downloaded the keys

      For applying to this, simply write an email to ‘[email protected]’ (from your CTemplar account if possible) and wait for our reply with a direct link to download ALL your encrypted attachments. It’s needed to remark that those you’ve deleted yourself at some point are not there.

      Earlier this year we moved to a Replicated Dispersed Cluster with GlusterFS, and almost every kind of incident was planned against but unfortunately, we didn’t plan for an off-site (different FS at least) catastrophe recovery plan, for the previous day or two of service.

      We are reviewing our backup policy so we can prevent further issues like this to ever happen again. Our minimum backup policy, also our biggest selling point, backfired to us.

      Thanks for your comprehension.

  1. After contacting support by email yesterday, they sent me a new recovery key to reactivate my account. Looking back, I find that the technical support was quite responsive, I lost my emails but nothing important to me, I think the main thing is to have been able to recover my account and the associated address . I hope the team will do what is necessary to ensure that this does not happen again. I remain confident in them, I hope that everyone can regain access to their account.

    1. Dear Customer,

      Thanks for being so understanding. Earlier this year we moved to a Replicated Dispersed Cluster with GlusterFS, and almost every kind of incident was planned against but unfortunately, we didn’t plan for an off-site (different FS at least) catastrophe recovery plan, for the previous day or two of service.

      We are reviewing our backup policy so we can prevent further issues like this to ever happen again. Our minimum backup policy, our biggest selling point, backfired to us.

      Take for granted that we are working around the clock in all the areas to grow stronger after this. Thank you all for deciding to say with us after this crisis.

  2. I think all mails are lost forever.
    The only think CTemplar can do is to create you a new blank account for you…
    … if you still trust them. 🙂

    1. Well, gmail is reading all your mails, facebook has leaked 533 millions accounts, LinkedIn has leaked 700 million phone numbers, CTemplar deleted all emails of all its users…
      Today, it’s like this… nobody really cares of its users (even paid services) ! C’est la vie.

      1. This. It sucks to lose the emails but at least they weren’t being read by governments and corporations. I believe in what ctemplar is trying to do more than I miss those emails or need my email to work today. I’m sure they will learn from this and I hope they do not suffer serious legal consequences.

      2. Dear Customers,

        We are sorry for the trouble caused. As you are probably aware, yesterday we had a catastrophic technical failure that caused partial data loss, in one way or another, to most customers.

        We are doing our best to restore the normal service. For now, it is confirmed the data loss has affected most customers to a higher or lower degree. We are making sure nothing similar to this will happen again in the future by reviewing our backup policy.

        Please let us know through our support channel if you need help to restore access to your account or if there is anything else we can do to regain your trust.

        As directly responsible for this, I publicly offer my deep most apologies.

        1. Please issue me my refund as requested. You have lost all support from me and hopefully others who have half a mind of their own. You’re literally the most expensive email provider and couldn’t keep a backup? Shameful.

        2. Hello. I wanted to state I don’t believe CTemplar is honest with regard to their offer to give refunds following their catastrophic service failure. I mentioned this in another forum, /r/CTemplar, and my comment was subsequently deleted, but the “CTemplar Official” account there stated CTemplar would be happy to offer a refund. I emailed the CTemplar support email multiple times as well used the form on the Ctemplar site Contact Page, but so far nothing toward my getting a refund. On multiple occasions in the messages I had provided the last four digits of my credit card, the date of purchase, the account type, and my username. Ctemplar would not refund. So I am pleased to post in this forum outside of that forum, because they can’t delete it.

          1. Yes indeed, CTemplar seems reluctant to refund. They prefer to offer you one additional year of free service, to the 6 additional months already offered as a compensation, rather than paying any refunds. (this website is independent and not affiliated to CTemplar)
            If anyone manage to obtain any refund, don’t hesitate to testify.

            1. Yes, thank you for your comment that clarifies their position a bit. CTemplar seems to use the word “refund” differently than the definition in a dictionary. I thought the word “refund” referred to money. That is, in order for it to be a refund, the money must be given back to me from CTemplar. That is what a refund is. A refund is NOT offering alternatives of more services, longer times, or other similar offers. Those things are not refunds. Refund means CTemplar would contact my credit card company give the money back.

            2. We are issuing all the refunds we are receiving.

              If you feel we have skipped any refund request, please submit again for everyone’s peace of mind, but I believe all of them are being processed.

              Thanks for your comprehension.

          2. CTemplar just offered me 10 GB free until 2023 Jan 1. But tell me what is the point of having 10 GB of data if you can not trust those 10 GB ?
            Very disappointed to have lost ALL my emails on CTemplar, who had not invested in any back up strategy.

          3. We are issuing refunds after asking for confirmation. We also give instructions on how to recover the account AND compensation, and I don’t think that is bad. At least not all the customers.

            Your issues are ALL refunded after the confirmation. There aren’t that many, so I can guess who you are trying to make the crisis worse.

            Please, understand the humans behind it.

            1. I already have contacted CTemplar multiple times and provided the exact information that was requested and there has been no forward movement. Several times I had sent to the support email at CTemplar my username, last 4 digits of credit card, date of purchase, and membership type Prime. The most recent email response I received from CTemplar when I asked for a refund yesterday stated:

              “We can provide you with extra paid subscription time as a compensation attempt. Also, we are making sure this won’t happen anymore and getting other small issues sorted.”

              CTemplar keeps going in circles repeating the same thing but there is no progress and no refund has been made to me. If or when CTemplar actually gives me a refund, I will come back and update this post for the record. But as things currently stand, I paid $72.00 on May 29 (the purchase was made on May 29 and Visa shows it was posted to my account on May 31).

              Further, I might as well mention that I also experienced a loss of email on an occasion prior to the recent catastrophic failure. That occasion happened when I placed an order on Amazon on June 29 but I never received the order confirmation email from Amazon because CTemplar had a different email delivery problem. That issue was also documented on the /r/CTemplar forum at the the time.

              1. Dear Customers,

                We are issuing all the refunds we receive, after asking for confirmation. Apologies if we have sent you a duplicated message, you just have to reply with the refund confirmation will and we’ll process it right away.

                If you feel we have to skip any refund request, please submit again for everyone’s peace of mind, but I believe all of them are being processed.

                Kind regards.

                1. I will to report any further developments but as of this moment I have not received a refund.

                  What I have received was an email stating CTemplar is planning on sending a refund. Specifically, the email stated:

                  “Our apologies, but it was true that your refund case wasn’t handled in the best way. We have finally proceeded with the refund and it should appear on your bank statements the following days.”

                  The way to issue a refund is by crediting my credit card.

                  So far, my credit card account shows nothing pending and so I am patiently waiting for CTemplar to credit the account.

                  1. In the general support of good netiquette I am providing an update for informational purposes: A 72.00 USD credit posted to my credit card account on Tue, Jul 13, 2021, from CTemplar Secure Email.

                    With a feeling of satisfaction from having received the refund, but also with some disgust about the extent to which I had to go to receive it, I wash my hands of the matter.

Leave a Reply

Your email address will not be published. Required fields are marked *