We are trying to secure a folder with over 1 million very small text files using Windows EFS on Windows Server 2008 R2. We already have an infrastructure in place for backing up keys and data.
We started the folder encryption overnight on Friday. It took around 8 hours to complete. The next day, we ran a tool as the EFS user to verify that the content of the files matched an uncrypted backup and found no differences.
This morning, about 60,000 of these files were unreadable. Trying to open them as the EFS user resulted in an output of gibberish characters. The rest of the files were fine.
So far, we have confirmed the following:
- All the files that were corrupted were created in 2016 or 2017.
- Not all the files that were created in 2016 or 2017 were corrupted.
- Running
cipher /R
shows that the proper user and recovery user certificates were used to encrypt the file. The output of the command is no different on the broken files vs. the ones that had no issues. - Most bizarrely, renaming the parent folder seems to have fixed the broken files.
I am at a loss as to what may have caused this problem and welcome any suggestions of what to look into next.