From Cloud Computing Community Wiki
Overview
The Cloud Computing Incidents Database (CCID) records and monitors verifiable, noteworthy events that impact cloud computing providers, such as outages, security issues and breaches, both as they are happening and on an ongoing historical basis.
It aims to find a balance of tensions between different stakeholders in cloud computing incidents with different drivers; vendors tend to give factual (but terse) reports, journalists want a story that is appealing to their readers and users just want the truth. By subjecting such issues to a community consensus process the hope is that a useful resource will be created with a neutral point of view for providers, vendors, users as well as researchers, and to that end the database is offered to all under a Creative Commons (CC-BY-SA 3.0) license.
Feel free to add missing incidents using the template below (and yourself to the contributor list or to update existing ones as while the database has been seeded with some of the more noteworthy issues it is not (yet) comprehensive.
Incidents
2009
| CCI
| Date
| Product
| Provider
| Severity
| Incident Type
| Incident Sub-Type
| Exploit
| Affected
| Comments
| References
|
| CCI-0055
| 2009-01-31
| Google
| Google
| Critical
| Outage
| Malware Warning
| No
| All Google's Internet search users affected
| Lasted upto 1 hour
| [1]
|
| CCI-0054
| 2009-01-30
| Ma.gnolia
| Ma.gnolia
| Critical
| Data Loss
| Potential Closure
| No
| All
| Both online and backup databases affected.
| [2]
|
2008
| CCI
| Date
| Product
| Provider
| Severity
| Incident Type
| Incident Sub-Type
| Exploit
| Affected
| Comments
| References
|
| CCI-0006
| 2008-01-07
| Salesforce.com
| Salesforce.com
| High
| Outage
| Network Outage
| No
| All
| Affected all instances and supporting infrastructure
| [3]
|
| CCI-0005
| 2008-10-18
| AWS Services
| AWS
| High
| Security
| Man-in-the-Middle
| No
| All
| Issue present since service launch
| [4]
|
| CCI-0004
| 2008-10-15
| Gmail
| Google
| High
| Outage
| 502 error
| No
| Unknown number of users
| Lasted more than 24 hours
| [5][6][7]
|
| CCI-0002
| 2008-09-18
| Google Docs
| Google
| High
| Security
| Session Hijacking
| No
| Some Thai Users
| Limited to ISP(s) in Thailand
| [8][9]
|
| TBA
| 2008-09-15
| App Engine
| Google
| Low
| Outage
| Performance Degradation
| No
| All
| Datastore writes experienced elevated latencies and error-rates.
| [10]
|
| TBA
| 2008-09-02
| Google Apps
| Google
| High
| Security
| User Impersonation
| Yes
[11]
| All SSO users
| Malicious service provider could impersonate a user at other service providers.
| US-CERT VN#612636 [12]
|
| TBA
| 2008-08-26
| FlexiScale
| FlexiScale
| Critical
| Outage
| Disaster Recovery
| No
| All
| Full extended outage
| [13]
|
| TBA
| 2008-08-12
| Gmail
| Google
| High
| Outage
| Change Management
| No
| Many
| Users unable to use webmail due to issues with loading contacts between 14:00 and 16:00 PT
| [14]
|
| TBA
| 2008-08-08
| The Linkup
| Nirvanix MediaMax
| Critical
| Data Loss
| Closure
| No
| 20,000
| Data claimed to be safe but inaccessible
| [15][16][17][18][19][20]
|
| TBA
| 2008-07-20
| Amazon S3
| AWS
| Critical
| Outage
| Design Fault
| No
| All
| Full outage for 8 (weekend) hours
| [21]
|
| CCI-0003
| 2008-07-10
| MobileMe
| Apple
| Moderate
| Outage
| Migration
| No
| All
| Scheduled outage window exceeded during upgrade to MobileMe
| [22]
|
| CCI-0003
| 2008-07-09
| .Mac
| Apple
| Info
| Outage
| Scheduled Outage
| No
| All
| Full outage (except mail) during upgrade to MobileMe 18:00-00:00
| [23]
|
| TBA
| 2008-04-28
| EC2
| Amazon
| Low
| Outage
| Degraded Performance
| No
| Small subset of instances
| Result of a customer creating a large number of firewall rules and instances.
| [24]
|
| TBA
| 2008-02-15
| Amazon S3
| AWS
| Low
| Outage
| Authentication Failures
| No
| All
| Early morning outage (04:31-06:48 PST) caused by authentication service overload
| [25]
|
2007
| CCI
| Date
| Product
| Provider
| Severity
| Incident Type
| Incident Sub-Type
| Exploit
| Affected
| Comments
| References
|
| CCI-0056
| 2007-2008
| Carbonite
| Carbonite
| Critical
| Data Loss
|
| No
| Customer data lost, storage vendor sued
|
| [26]
|
| TBA
| 2007-09-29
| EC2
| Amazon
| Low
| Outage
| Instance Terminations
| No
| Small subset of instances
| Result of a customer creating a large number of firewall rules and instances.
| [27][28]
|
Legend
| Legend
|
| Severity
| Info
| Low
| Moderate
| High
| Critical
|
Template
|-
| {{ccid}}
| 2008-01-01
| [[w:Product]]
| [[w:Provider]]
| {{Info}}
| Security
| Breach
| {{Yes|No}}
| ?
| Sample entry
|<ref>[http://cloudcommunity.org/ Cloud Computing Community]</ref>
|-
Instructions
Click here to create a NEW dedicated CCI article
The Mediawiki Database Extension was created specifically for this purpose (but is nonetheless quite versatile for similar applications, most notably Knowledge Bases) and has been made available under GPLv3 license.
- To create an entry in the table
- Copy the template (above)
- Edit the incidents table
- Find the insertion point (sorted reverse chronologically) and select the separator ('
|-')
- Paste the template and fill out the fields you know
- Save page and optionally continue on to create a dedicated CCI article
- To 'flesh out' an entry with a dedicated CCI article
- Click on the TBA in the CCI field to create the associated incident article.
- You will be taken to the next available CCI ID with a preloaded template
- Fill out the template and Save page
References
Contributors
