Incident Date: April 28, 2020
Incident Number: PR-1074
On April 28, 2020, at 10:56 AM ET, Tucows’ HostedEmail platform experienced issues with authentication service impacting IMAP, POP and Webmail in Cluster B. Tucows’ Engineering team was engaged to investigate the issue.
Upon investigation, Tucows’ Engineering team observed that the issue was due to an attack that exhausted the authentication connections impacting new logins and causing them to fail.
At 11:04 AM ET, the Engineering team started the mitigation process by restarting the authentication service and by blocking the offending traffic. Due to the continuous changes in the attack patterns, Tucows had to continuously amend the rules to block the new sources.
As part of the mitigation efforts, Tucows Engineering executed multiple emergency maintenance to improve the performance during the incident.
At 8:56 PM ET, The Engineering team was able to successfully block all the offending traffic and clear the backlog of login requests to restore the services successfully.
Tucows is to continue working on improving the overall security mitigation services to address and rectify future attacks in a timely manner.
Tucows Engineering Team