A Texas jail has ordered the release of nearly 300 defendants after a computer glitch disrupted processing procedures and probable cause hearings.
Harris County jail’s cloud-based computer system known as JWEB was knocked offline for two days due to an issue with a system update.
Under state law, defendants charged with misdemeanors may not be held for processing for more than 24 hours. For defendants charged with felonies, the cut-off period for processing is 48 hours.
Harris County magistrate Courtney St. Julian said the computer system “was not operational from March 24 at around 7 pm until March 26 at around 9 pm.”
Harris County officials reportedly said the system had crashed five times since August and that the same issue with processing had arisen on three previous occasions, none of which were reported to the public.
The district attorney’s office requested an extension to processing times, but St. Julian denied the request.
The Texan reports that individuals arrested on suspicion of theft, making terrorist threats or indecently exposing themselves were among those released because of the outage.
Law enforcement agencies have been told by the district attorney’s office that they will need to refile charges for the released defendants and that some individuals must now be re-arrested.
“This case highlights the need for a solid and coordinated disaster recovery and business continuity plan for the JWEB system,” Jason Hicks, field CISO, executive advisor at Coalfire told Infosecurity Magazine
“The county needs to get a plan in place and conduct regular testing to ensure something like this does not occur in the future. All of the affected agencies should be included in the plans and testing so that there is consensus and awareness.”
JWEB was installed in 2015 and is used by the local law enforcement agencies, the district attorney’s office, the district clerk, pretrial services, the public defender’s office and the courts.
John Bambenek, principal threat hunter at Netenrich, said that the outage demonstrated that “moving to the cloud alone is not sufficient to ensure security.”
“As more and more organizations outsource to cloud providers, they are creating opportunities for debilitating outages that cripple critical business operations,” said Bambenek.
He added: “It’s hard to see how this outage could be much worse.”