Yesterday (Jan 24, 2022) between 2am and 3am CT, Amazon deployed changes to their firewall rules to improve the security against SQL injection attacks. Once identified, the TrustedForm team implemented changes to address the issue, restoring full services at 9:55am CT. Amazon's added restrictions were overly aggressive, resulting in false positives for regular TrustedForm traffic.
The restrictions identified the SQL keywords "AND" in "Android" and "SELECT" in "selector" as an attack and blocked the traffic. Amazon's changes resulted in the TrustedForm script not being able to capture data for Android devices using the Chrome web browser during this period of time.
During these 7-8 hours, we were unable to collect certificate data from Android devices running the Chrome browser. We have not seen evidence to indicate other devices or browsers were likewise affected. Because we were unable to collect certificate data during this period, affected leads will not be claimable.
To mitigate incidents like this from happening in the future we are adding monitors to alert us of anomalous changes in our firewall traffic. If you have any questions regarding yesterday’s outage, please reach out to your Client Services representative.
The TrustedForm Team