ALL NORMAL!

Duration: ~14:00 – 16:30 UTC+1 (approx. 2h 30m)

We observed high volumes of automated traffic scanning for sensitive file paths (e.g. .env, config files) against the NNW network. None of these files exist or were exposed. To address the noise, we deployed an automatic IP ban gateway that blocks and blacklists any client attempting to access known malicious paths.
The deployment itself caused a brief disruption. Additionally, a concurrent AWS infrastructure degradation slowed the rollout and extended the recovery window beyond what we anticipated.
Impact: Some NNW services were intermittently unavailable or degraded during this window. No user data was affected. No files were exposed at any point.
Root cause: Planned security measure deployment coinciding with an unrelated AWS outage.
Resolution: Gateway is fully operational. Malicious scanners are now automatically banned on first attempt. All services restored by ~16:30 UTC+1.

Status: Resolved ✅