391 points kinj28 | 3 comments | 21 Oct 25 15:55 UTC | HN request time: 0.001s | source

Could there be any link between the two events?

Here is what happened:

Some 600 instances were spawned within 3 hours before AWS flagged it off and sent us a health event. There were numerous domains verified and we could see SES quota increase request was made.

We are still investigating the vulnerability at our end. our initial suspect list has 2 suspects. api key or console access where MFA wasn’t enabled.

1. itsnowandnever ◴[21 Oct 25 16:55 UTC] No.45658133[source]▶

>>45657345 (OP) #

i cant imagine it's related. if it is related, hello Bloomberg News or whoever will be reading this thread because that would be a catastrophic breach of customer trust that would likely never fully return

replies(1): >>45659037 #

2. jddj ◴[21 Oct 25 17:49 UTC] No.45659037[source]▶

>>45658133 (TP) #

You say that, but azure and okta have had a handful of these and life over there has more or less gone on.

Inertia is a hell of a drug

replies(1): >>45662859 #

3. testfrequency ◴[21 Oct 25 23:02 UTC] No.45662859[source]▶

>>45659037 #

Similarly, everyone is back to using CS and their stock is just fine

↑

Ask HN: Our AWS account got compromised after their outage