Release date: January 26, 2016
On Monday, January 25th, Pathways/MISI released a System Performance Alert notifying you that we had experienced a series of system outages and promising to investigate to let you know exactly why you weren’t able to access COMPASS ROSE. We have been able to identify the issue and want to pass the information on to you.
This morning we were notified by our Data Center provider that they detected a Distributed Denial of Service attack (DDS) had been launched against their network. This means an unknown source attempted to flood the data center network with an unmanageable number of fake login requests. The Data Center provided us with its system log which shows seven different incidents between 11 a.m. and 3 p.m. (EST) on Monday. This prevented legitimate requests from COMPASS ROSE users from getting through to the Pathways/MISI servers. Understandably, this was a huge frustration!
The Data Center provider has deployed protection protocols to deflect additional attacks and is working with a specialist to mitigate network disruptions. Some minor problems continue to occur. At this time, the Data Center provider is closely monitoring network performance and will alert us if there are additional incidents.
It is critical to stress that at NO TIME was client data at risk. A DDS attack is meant to overwhelm system capacity. The attack was not specifically against Pathways/MISI, and there was never any attempt to actually access client data.
Please contact your technical assistance representative if you have any questions or concerns about this issue. We would be happy to explain it in more detail.