Data Capture for Android Users of TrustedForm
Incident Report for ActiveProspect

Yesterday (Jan 24, 2022) between 2am and 3am CT, Amazon deployed changes to their firewall rules to improve the security against SQL injection attacks. Once identified, the TrustedForm team implemented changes to address the issue, restoring full services at 9:55am CT. Amazon's added restrictions were overly aggressive, resulting in false positives for regular TrustedForm traffic. 

The restrictions identified the SQL keywords "AND" in "Android" and "SELECT" in "selector" as an attack and blocked the traffic. Amazon's changes resulted in the TrustedForm script not being able to capture data for Android devices using the Chrome web browser during this period of time.

During these 7-8 hours, we were unable to collect certificate data from Android devices running the Chrome browser. We have not seen evidence to indicate other devices or browsers were likewise affected. Because we were unable to collect certificate data during this period, affected leads will not be claimable.

To mitigate incidents like this from happening in the future we are adding monitors to alert us of anomalous changes in our firewall traffic. If you have any questions regarding yesterday’s outage, please reach out to your Client Services representative.


The TrustedForm Team

Posted Jan 25, 2022 - 14:29 CST

After continued monitoring of the situation, we are marking this issue "Resolved." We are continuing to investigate the root cause. Once identified we will follow up with a postmortem about the incident.

Thank you for your patience during this incident.
Posted Jan 24, 2022 - 10:25 CST
We have identified the issue and are continuing to monitor. Testing on our end is showing Android users are no longer affected.
Posted Jan 24, 2022 - 09:58 CST
We have detected an issue where the TrustedForm script is not always capturing data for Android users. We are currently investigating and will update when we find out more information or in 30 minutes.
Posted Jan 24, 2022 - 09:31 CST
This incident affected: TrustedForm Certify.