19:19 UTC | 12:19 PT
We are receiving reports of a service incident. Investigation is underway.
19:39 UTC | 12:39 PT
We have mitigated service issues that were impacting some customers. We are continuing investigation of a root cause.
20:15 UTC | 12:15 PT
Service issues impacting some customers are now resolved.
This incident was a result of a DDoS (Distributed Denial of Service) attack against a Zendesk IP address, causing accessibility issues to one of our data centers and resulting in temporary disruption for some Zendesk and Zopim customers.
Once the target and vector were identified, routing through our CDN scrubbing center was immediately put in place as standard procedure to mitigate the issue. After the initial attack subsided, some customers were experiencing intermittent connectivity issues, which was determined to result from a TCP SYN flood attack. To mitigate this issue, we routed traffic through a mitigation appliance which challenges TCP handshakes. This affected some legitimate customer connections, so after it was determined the attack had subsided, we removed the mitigation appliance. The intermittent connection issues were subsequently resolved.
FOR MORE INFORMATION
Please subscribe to this article for regular updates until the issue is resolved. If you aren't subscribed to our Twitter feed, we encourage you to do so in order to get the most current information about any service issues. We also record all site outages on our system status page where you can see the past 12 months of service uptime. If you have questions about this issue, please open a ticket with us by sending a note to firstname.lastname@example.org.