Incident Report Powered By Groq.ai
Track and review incidents of downtime and their resolution status
Track and review incidents of downtime and their resolution status
On February 15th, at 14:45 PST, Microsoft detected a ransomware attack on its Azure and Office 365 services. The attack resulted in the encryption of sensitive customer data, which was then demanded in exchange for decryption. The ransomware variant used was identified as EvilGrip, a recently discovered strain. Incident response teams promptly isolated the affected systems and began implementing countermeasures. Approximately 10% of Azure and Office 365 users were impacted, with no reports of customer data exfiltration. The cause of the incident is under investigation, and an update will be provided once the root cause is confirmed.
On March 12, 2023, at 14:45 UTC, Apple Pay Online users reported experiencing a bug that caused transactions to fail and display an error message. The bug was observable on multiple devices and browsers, including Safari, Chrome, and Firefox. Affected users reported attempting to complete purchases online, only to receive an "Invalid Payment Method" error. After conducting an initial investigation, our team discovered that the issue was caused by a bug in the payment processing code. Specifically, a incorrect redirect URL was causing the transaction to fail. We have since corrected the issue and deployed the fix to the production environment. Additional Information: The incident was reported to our internal IT department at 14:45 UTC on March 12, 2023. Our team was able to reproduce the issue and verify the root cause. The bug was fixed within 2 hours of initial report. No customer data was compromised as a result of this incident. Next Steps: Our team will continue to monitor the affected platform to ensure the fix is effective. We will conduct a thorough review of the incident to identify areas for improvement. We will provide regular updates to affected customers on the outcome of our investigation.
A critical bug was identified on YouTube on February 15, 2023, at 14:30:00 UTC, causing a subset of videos to indefinitely loop, disrupting normal playback for affected users. The issue was reported by several users across different regions and was observed to occur randomly without any discernible pattern. The bug reportedly affected videos of varying lengths and formats, with some users experiencing stuck playback for extended periods. Although no sensitive data was compromised, the incident resulted in user frustration and inconvenience. YouTube's internal monitoring systems detected the issue and triggered automated responses to rectify the situation. The bug was subsequently identified, isolated, and resolved through a series of code updates rolled out to affected servers. All affected users were notified and provided with solutions for resuming normal playback. Further analysis is ongoing to determine the root cause of the bug and prevent similar incidents from occurring in the future.
On February 14, 2023, at approximately 14:45:00, Instagram experienced a ransomware incident that resulted in the unauthorized access and encryption of certain user accounts. The malicious software was detected through our internal monitoring systems and prompt action was taken to contain the incident. As a result, a limited number of users may have been affected, resulting in the inability to access their accounts and potentially compromising their personal data. Our incident response team has since worked to identify and contain the malware, and all affected accounts have been restored. We are currently conducting a thorough investigation to determine the root cause of the incident and to take necessary steps to prevent such incidents in the future. Users who may have been affected will be notified directly via email or in-app notifications. We apologize for any inconvenience caused and appreciate the trust our users have placed in us to safeguard their personal data.
On February 12, 2023, at 14:45:00 UTC, Microsoft detected a Distributed Denial of Service (DDoS) attack affecting its Azure Public Cloud infrastructure. The attack, which lasted for approximately 2 hours, targeted a specific region and impacted several Azure services, including compute and storage resources. Estimated peak bandwidth exceeded 100 Gbps, causing brief disruptions to affected services. No sensitive customer data was compromised, and the incident did not affect Microsoft's primary services. The incident was quickly contained and mitigated by Microsoft's global security operations center (GSOC) and incident response team. Further investigation is ongoing to identify the source and motivation behind the attack. The incident report will be updated with additional information as it becomes available.
N/A
On January 10, 2023, at 14:45 UTC, our security team detected a malware incident affecting the Instagram platform. The malware, designed to collect sensitive user data, was introduced through a compromised third-party application. The incident was detected after multiple users reported unusual activity on their accounts. Key Findings: The malware was disguised as a legitimate software update, which disguised its malicious intent. The malware was designed to collect user login credentials, personal data, and financial information. The incident resulted in unauthorized access to approximately 100,000 user accounts. Actions Taken: Our security team immediately contained the incident by isolating the compromised servers. We removed the malicious software from our systems. Users affected by the incident were notified and instructed to change their passwords and monitor their accounts for any suspicious activity. We are working with third-party application developers to identify and resolve the root cause of the compromise. Next Steps: We will continue to monitor our systems for any further signs of malware and conduct a thorough investigation to prevent similar incidents in the future.
On January 10, 2023, at 14:45 UTC, Spotify received reports of an issue with playlist generation on both the web player and mobile app. Users reported that playlists were being generated with incorrect song selection, resulting in an inconsistent listening experience. Upon investigation, our team determined that a bug in the playlist generation algorithm was the cause. The bug caused the algorithm to prioritize songs based on a faulty metric, leading to the unexpected playlist content. The incident was contained and resolved by releasing a hotfix to correct the algorithm issue. A thorough review of the affected code was conducted to ensure the bug did not expose any user data. The incident did not result in any major disruptions to service, but we apologize for the inconvenience caused to affected users.
On February 15, 2023, at 14:45 UTC, we identified an unexpected bug affecting Facebook's login functionality. A user reported that after failing to log in twice, they were automatically redirected to their account page without needing to enter their credentials. Further investigation revealed that the bug was caused by an interaction between Facebook's login cookies and our authentication system. The issue was observed on all devices and browsers, and the affected user base was estimated to be around 0.01% of our total user population. Our security team worked closely with the engineering team to quickly identify and deploy a fix, which was rolled out to all users within 30 minutes of the incident report. We are conducting a thorough review of the incident to prevent similar issues in the future and will provide additional information if necessary.
At approximately 01:45 AM UTC on March 12, 2023, Spotify's security team detected a large-scale Distributed Denial of Service (DDoS) attack targeting our music streaming services. The attack peaked at 100 Gbps, causing rapid spikes in latency, packet loss, and network congestion. During the incident, affected users experienced difficulties playing music, logging in, and accessing certain features. Our security measures were triggered, and we took immediate action to mitigate the attack. The DDoS attack was successfully disrupted by 02:15 AM UTC, and normal services were restored by 02:30 AM UTC. No user data or sensitive information was compromised during the incident. We are currently investigating the root cause of the attack and working with law enforcement agencies to identify the perpetrators.
On February 10, 2023, at 14:45 UTC, Tumblr detected a malware infection on its platform. The malware, identified as a cryptocurrency miner, was secretly embedded in a compromised theme on a user's blog. The infection allowed unauthorized access to affected users' devices, potentially exposing sensitive information and compromising system security. The incident was discovered through Tumblr's automated security monitoring system, which flagged unusual network activity. Upon investigation, it was found that the malware was distributed through a compromised theme, which was downloaded by a limited number of users. Immediately after detection, the compromised theme was removed, and affected users were notified and advised to update their systems and change their passwords. Tumblr's security team is working closely with law enforcement agencies to identify and prosecute the individuals responsible for the malware attack. In light of this incident, Tumblr is increasing its security measures to prevent similar attacks in the future.
On February 22, 2023, at 14:45:00 UTC, Netflix experienced a service disruption due to a malfunctioning bug that caused intermittent errors on the platform. The issue was reported to our Support Team by multiple subscribers who encountered difficulties in accessing their accounts, including login issues, video playback errors, and failure to load recommended content. Upon investigation, our Engineering Team isolated the root cause to a faulty JavaScript chunk code that was triggered by an unexpected user interaction, resulting in a cascading effect that impacted the performance of our global infrastructure. The bug was detected and corrected within 45 minutes, restoring service to normal operation.
On March 12, 2023, at 02:45 AM PST, Pinterest detected a ransomware attack on its web application. The incident was identified through unusual network traffic patterns and user reports of errors accessing the platform. Upon further investigation, it was determined that an unauthorized third-party script had been injected into the Pinterest codebase, which allowed the attackers to encrypt sensitive data, including user accounts and login credentials. The attackers demanded a ransom in exchange for the decryption key. Pinterest's incident response team took immediate action to contain the outbreak, quarantine affected systems, and notify relevant stakeholders. The affected systems were taken offline for maintenance and are currently in the process of being restored. A thorough investigation is underway to determine the root cause of the incident and prevent similar attacks in the future.
On February 15, 2023, at 14:30 UTC, Apple's Security Operations Center (SOC) identified a phishing scam targeting customers attempting to access their accounts on the Apple Online Store's Customer Support Portal. The incident involved a sophisticated phishing email campaign, which tricked numerous customers into providing sensitive information, including login credentials and payment details. The phishing emails appeared to be legitimate and were delivered through a compromised email account, masquerading as a notification from Apple's Customer Support team. The SOC took immediate action to contain the incident, including notifying affected customers, blocking suspicious IP addresses, and reverifying login credentials. The security team also conducted a thorough investigation, which determined that no sensitive data was stored outside of Apple's secure systems and no financial loss was incurred. As a precaution, all users were advised to reset their passwords and enable two-factor authentication.