Security Breach
Incident Report for Tricentis Flood
This incident has been resolved.
Posted Jun 22, 2020 - 10:05 AEST
All systems are operational. We apologize for the disruption to testing today and will post an update tomorrow with more details about the breach. Thank you for your understanding.
Posted Jun 21, 2020 - 23:08 AEST
We have since completed replacing production infrastructure. Now testing all functionality.
Posted Jun 21, 2020 - 22:49 AEST
Due to the issues found from the breach, we will be replacing our production stack in a few moments. This includes rotating all secrets and making sure that new infrastructure is used. Please stay tuned here for updates.
Posted Jun 21, 2020 - 20:27 AEST
At this stage, we believe your hosted credentials, that is, the credentials you provide Flood, to launch hosted grid infrastructure on third-party cloud providers may have been compromised.

Attackers may have been successful in taking a copy of your cloud-based credentials for AWS, Microsoft Azure, or Google Cloud.

At this stage, we have already rotated your Flood API tokens. We strongly advise that you rotate the secrets for your cloud credentials. Alternatively, you may wish to delete your credentials used for Flood. For specific help:

We want to make sure you have the details of what has happened, as soon as we can complete an investigation and take steps to help protect you.
Posted Jun 21, 2020 - 16:45 AEST
We are currently investigating a security breach, identified via our automated detection systems this morning.

As a precaution, we will be rotating all users Flood API tokens immediately.

Please bear with us and check back regularly while we continue to investigate the size and severity of this breach.
Posted Jun 21, 2020 - 14:28 AEST
This incident affected: Dashboard, API, and Grids.