Webapp taken down due to suspected brute-force attack

Resolved

Major outage

Started almost 2 years agoLasted about 9 hours

Affected

Oiiku Webapp

Updates

Resolved
June 19, 2024 at 15:23
Resolved
June 19, 2024 at 15:23
No further attacks since we took webapp back online. No valid app links was generated in the attack. No personal data was exposed. Will send email with "post mortem" to clients later tonight.
Monitoring
June 19, 2024 at 08:35
Monitoring
June 19, 2024 at 08:35
Measures to stop attack have been implemented. Does not seem like the attack has been successful. Webapp is back online. We will monitor closely and check all system logs to get the full picture.
Identified
June 19, 2024 at 06:38
Identified
June 19, 2024 at 06:38
We have verified that this is a brute-force attack. An automated attack by someone to test millions random app links, to find valid ones. We took webapp down to stop the attack, and protect personal data. We are implementing measures to block the attacker and will take webapp back online again as soon as possible.
Investigating
June 19, 2024 at 06:35
Investigating
June 19, 2024 at 06:35
We are currently investigating this incident.

Oiiku - Webapp taken down due to suspected brute-force attack – Incident details