Hi everyone,
We recently experienced a cyber attack in which our data was deleted.
However, we do have backups available:
We are using Orthanc with the PostgreSQL plugin, and we have a backup of the database.
All metadata (such as patient name, study details, etc.) was stored in the PostgreSQL database.
All DICOM image files are safely stored in an S3 bucket.
What would be the best and safest approach to fully restore the system?
Hello,
I would recommend starting from a fresh installation of Orthanc and reimporting all the DICOM files from your S3 bucket using an automated import script.
If the number of images is too large for a full reimport to be practical, you should be able to restore the PostgreSQL database and then restart Orthanc using the same configuration file that was in place at the time of the backup. When using PostgreSQL together with S3, Orthanc is essentially stateless.
Please refer to the PostgreSQL restore procedure for detailed instructions.
Regards,
SĂ©bastien-
Hello SĂ©bastien,
Thank you for your response.
I have already followed the steps you recommended. A fresh installation of Orthanc and re-importing the DICOM files does work; however, since we have more than 50,000 files, performing a full re-import through the automated script requires considerable time and effort.
Subsequently, I attempted to restore the PostgreSQL database. After the restoration, we were able to retrieve all the metadata and patient information successfully. However, the corresponding DICOM files stored in S3 were not properly mapped to the restored records for those patients.
There is no reason for this to happen, as long as your configuration file of Orthanc has also been properly backup and restored.
Hello SĂ©bastien,
Thank you for your clarification.
I share the same understanding, which is why I am slightly confused about the current behavior. I have restored the PostgreSQL database backup and, in several cases, the studies are opening correctly without any issue. However, for some other studies, I am facing the problem where the metadata is present but the corresponding DICOM files stored in S3 are not accessible or not properly mapped.
I have one specific doubt and would appreciate your guidance on this:
Is there any possibility that if data were deleted PostgreSQL db in Orthanc (for example, a study or instance removed from Orthanc while using PostgreSQL + S3), the mapped DICOM objects stored in the S3 bucket could also have been deleted as part of an internal Orthanc process?
I am asking this to better understand whether there could have been any internal mechanism or background process that might explain the missing mappings. Your clarification will help me proceed with greater confidence in the next steps.
If you delete a study or instance from Orthanc, the corresponding S3 objects will also be deleted, which is the expected behavior. However, Orthanc will evidently never delete S3 objects in a background process unless it is explicitly requested to remove the corresponding DICOM instance.