The outage occurred yesterday when an employee responded to an abuse report about a phishing URL in Cloudflare’s R2 platform. However, instead of blocking the specific endpoint, the employee mistakenly turned off the entire R2 Gateway service.
Why tf did this employee have the permissions to turn off the entire service? If their job is responding to abuse reports, they do not need that level of privilege.
It’s entirely possible the employee had more than one hat and was dabbling in customer service that day. it’s not unheard of in the IT field for the buckets to mix when demand states it. Being said the better question is how you could mistake a shutdown/deactivate button as an apply button
apperently cloudflare thought the same as they removed the button from the panel the employee used lmao
Oopsies
Why tf did this employee have the permissions to turn off the entire service? If their job is responding to abuse reports, they do not need that level of privilege.
It’s entirely possible the employee had more than one hat and was dabbling in customer service that day. it’s not unheard of in the IT field for the buckets to mix when demand states it. Being said the better question is how you could mistake a shutdown/deactivate button as an apply button
apperently cloudflare thought the same as they removed the button from the panel the employee used lmao
And even then, there should be an approval workflow to at least have one more set of eyes review the change before it’s implemented.
Possibly paid by an outside actor to cause a service disruption? Rival company, the government, etc.
First - Hanlon’s Razor
Second - that doesn’t explain how they had the permission to do that single handedly