February 6, 2025
Baltimore IT department uses ‘mind-boggling,' outdated data storage method, audit finds
Baltimore is among the most heavily audited jurisdictions in the state, thanks to a mandate passed by voters in 2016 that requires agencies to undergo an audit every two years.
Baltimore is among the most heavily audited jurisdictions in the state, thanks to a mandate passed by voters in 2016 that requires agencies to undergo an audit every two years.

A new audit of Baltimore’s information technology department says the agency lost key data during May’s ransomware attack because some in the agency used an outdated method for storing files: the hard drives on their individual computers.

Baltimore City Auditor Josh Pasch presented his findings this week to a City Council committee. Pasch said the IT department was not able to provide documentation to support whether it was meeting its agency performance goals, such as modernizing mainframe applications and increasing the amount of data available on the city’s Open Baltimore website.

That’s because instead of saving data using a cloud storage method, as is recommended today, employees were saving files on their computers’ hard drives, as people did before and around the turn of the century, the audit found.

“Performance measures data were saved electronically in responsible personnel’s hard drives,” Pasch reported. “One of the responsible personnel’s hard drive was confiscated and the other responsible personnel’s selected files were removed due to the May 2019 ransomware incident.”

[…]

See Also:

(1) Councilman “mind-boggled” by Baltimore City IT department ineptitude