Time: Jan. 10, 2022, 4:12 p.m.

Status: Resolved

Update: Our Engineering team has resolved the Scheduler issue, and users can now log in again. Please get in touch with [email protected] if you have any further questions.

Time: Jan. 10, 2022, 3:52 p.m.

Status: Identified

Update: We are aware of an issue with the Scheduler, which is stopping users from logging in. Our Engineering team are investigating and aim to have a fix in place shortly.

Time: Dec. 15, 2021, 4:55 p.m.

Status: Resolved

Update: We have monitored the issue experienced by the third party and it is now resolved. Please contact [email protected] if you have any further queries.

Time: Dec. 15, 2021, 4:22 p.m.

Status: Monitoring

Update: We detected an issue with a third party Javascript dependency’s CDN, which led to slow page loads on the Developer Dashboard and Scheduler. We have removed this dependency, which has resolved the issue. The Cronofy API was unaffected by this incident.

Time: Dec. 15, 2021, 4:55 p.m.

Status: Resolved

Update: We have monitored the issue experienced by the third party and it is now resolved. Please contact [email protected] if you have any further queries.

Time: Dec. 15, 2021, 4:22 p.m.

Status: Monitoring

Update: We detected an issue with a third party Javascript dependency’s CDN, which led to slow page loads on the Developer Dashboard and Scheduler. We have removed this dependency, which has resolved the issue. The Cronofy API was unaffected by this incident.

Time: Dec. 14, 2021, 12:02 p.m.

Status: Resolved

Update: On Friday, December 10th, a critical remote code execution vulnerability (CVE-2021-44228), also known as Log4Shell, was discovered, which affects Apache Log4j versions 2.0-2.14.1. Log4j is a popular logging library in Java and is used in several enterprise applications. Our platform isn't written in Java and therefore isn't vulnerable, we do run some dependencies like Jenkins which are written in Java and have verified they are not vulnerable (as well as not being generally accessible from the internet), and we will update managed services as updates relating to this vulnerability are made available (for example, an update to AWS Elasticsearch was applied yesterday). Our team will continue to monitor our platforms and sub-processors, and we'll update you if there are any updates in relation to this vulnerability. At this point in time, no action is required by Cronofy customers. Please contact [email protected] if you have any further questions.

Time: Dec. 14, 2021, 12:02 p.m.

Status: Resolved

Update: On Friday, December 10th, a critical remote code execution vulnerability (CVE-2021-44228), also known as Log4Shell, was discovered, which affects Apache Log4j versions 2.0-2.14.1. Log4j is a popular logging library in Java and is used in several enterprise applications. Our platform isn't written in Java and therefore isn't vulnerable, we do run some dependencies like Jenkins which are written in Java and have verified they are not vulnerable (as well as not being generally accessible from the internet), and we will update managed services as updates relating to this vulnerability are made available (for example, an update to AWS Elasticsearch was applied yesterday). Our team will continue to monitor our platforms and sub-processors, and we'll update you if there are any updates in relation to this vulnerability. At this point in time, no action is required by Cronofy customers. Please contact [email protected] if you have any further questions.