DDoS Attack causing production outage - RESOLVED
Incident Report for FlexBooker
Resolved
This incident has been resolved.
Posted Dec 24, 2021 - 21:21 UTC
Monitoring
We have finished working with AWS to restore service. We are still monitoring for any lingering issues
Posted Dec 24, 2021 - 09:01 UTC
Update
We have very positive news! We are almost there, the changes needed have been made, we are waiting on a complete system reboot, but things should be up and running fully again very soon. We'll send out another update as soon as the boot period has been completed.
Posted Dec 24, 2021 - 07:50 UTC
Update
We've hit the "couple of hours" time that Amazon thought this would take. We continue to work on a conference call with their security and networking teams and are told it is promising that they are almost finished with the work required.

We just wanted to update and will be updating again hopefully very soon once the security patch they're working on is in place.
Posted Dec 24, 2021 - 06:35 UTC
Update
We are continuing to work with AWS on resolving this issue. We have been informed that this should not have been possible, but before they were able to assist technically, they had to ensure that all our security practices were correct. They have completed this step, and this has now gone to their leadership team who have approved dedicating technical resources to this immediately.

We truly apologize again for the impact here. We have been on the phone with AWS support for 7 hours now, trying to push them through. A brute force attack such as this should not have been possible, so we are pushing them hard to put a network-level solution in place to ensure this is both resolved quickly and also permanently so this never happens again in the future.

We don't have an ETA currently, but have been told it "should" be within the next "couple of hours", but we're taking that with a grain of salt. We are all-hands-on-deck working to resolve this both internally and through AWS to get things back to normal tonight still.
Posted Dec 24, 2021 - 04:27 UTC
Update
We are continuing to work with AWS who are trying their best to assist with this attack.

"We have created multiple escalation cases internally to the Service team and Security team to further assist you in this extreme situation."

We remain on the phone with AWS continuously and trying to lock down this ever-moving attack internally also.

We truly apologize for the inconvenience this is causing, and want to let you know that this is being handled "all hands on deck" as the only priority for the company until we can resolve it.
Posted Dec 23, 2021 - 22:35 UTC
Identified
This is causing widespread outages of our core application functionality. We are working with AWS now to remedy the situation and cut the attack off as quickly as possible.
Posted Dec 23, 2021 - 21:05 UTC
Investigating
We have been alerted through monitoring analytics that we are experiencing a massive Deep Denial of Service attack.
Posted Dec 23, 2021 - 21:05 UTC
This incident affected: FlexBooker Core (FlexBooker Staff Website, Booking Forms, API Services, Mobile Apps).