Time: July 27, 2022, 3:25 p.m.

Status: Resolved

Update: This incident has been resolved.

Time: July 27, 2022, 1:51 p.m.

Status: Investigating

Update: We are currently investigating this issue.

Time: July 5, 2022, 8:55 p.m.

Status: Postmortem

Update: ### What Occurred? At 10:35 PM Eastern on June 28, 2022, a planned maintenance event caused unplanned downtime, Components in the CyberGrants network infrastructure failed in a way that the vendor could not resolve in a reasonable time frame. To bring the CyberGrants site back online, we accelerated our plans to migrate some services to cloud services, which completed at 1:10 AM Eastern on June 29. ### Why Did This Occur \(Root Cause\)? Networking component firmware upgrades, with planning and participation by the vendor, were unsuccessful, making CyberGrants unavailable. ### How Will CyberGrants Prevent Further Occurrences? We have reverted the June 28 changes, and we will take more exhaustive precautions in any future maintenance on these devices. Many of the systems using the affected infrastructure have been migrated to cloud services.

Time: July 5, 2022, 8:55 p.m.

Status: Postmortem

Update: ### What Occurred? At 10:35 PM Eastern on June 28, 2022, a planned maintenance event caused unplanned downtime, Components in the CyberGrants network infrastructure failed in a way that the vendor could not resolve in a reasonable time frame. To bring the CyberGrants site back online, we accelerated our plans to migrate some services to cloud services, which completed at 1:10 AM Eastern on June 29. ### Why Did This Occur \(Root Cause\)? Networking component firmware upgrades, with planning and participation by the vendor, were unsuccessful, making CyberGrants unavailable. ### How Will CyberGrants Prevent Further Occurrences? We have reverted the June 28 changes, and we will take more exhaustive precautions in any future maintenance on these devices. Many of the systems using the affected infrastructure have been migrated to cloud services.

Time: June 29, 2022, 5:51 p.m.

Status: Resolved

Update: CyberGrants and Sandbox are now fully operational.

Time: June 29, 2022, 5:51 p.m.

Status: Resolved

Update: CyberGrants and Sandbox are now fully operational.

Time: June 29, 2022, 5:50 p.m.

Status: Monitoring

Update: We are continuing to monitor for any further issues.

Time: June 29, 2022, 5:50 p.m.

Status: Monitoring

Update: We are continuing to monitor for any further issues.

Time: June 29, 2022, 4:01 p.m.

Status: Monitoring

Update: We are aware of issues with scheduled and one-click reports in CyberGrants and are working to address the issue.

Time: June 29, 2022, 4:01 p.m.

Status: Monitoring

Update: We are aware of issues with scheduled and one-click reports in CyberGrants and are working to address the issue.

Time: June 29, 2022, 1:39 p.m.

Status: Monitoring

Update: The Sandbox environment is now reachable by all users, we continue to monitor our temporary fix

Time: June 29, 2022, 12:21 p.m.

Status: Monitoring

Update: We are aware that our Sandbox environment is unavailable for some users and are looking into the issue

Time: June 29, 2022, 12:21 p.m.

Status: Monitoring

Update: We are aware that our Sandbox environment is unavailable for some users and are looking into the issue

Time: June 29, 2022, 5:59 a.m.

Status: Monitoring

Update: Our temporary fix is in place and stable. We continue to monitor and will provide updates on our progress towards full resolution as they become available.

Time: June 29, 2022, 5:59 a.m.

Status: Monitoring

Update: Our temporary fix is in place and stable. We continue to monitor and will provide updates on our progress towards full resolution as they become available.

Time: June 29, 2022, 5:52 a.m.

Status: Monitoring

Update: We are continuing to monitor for any further issues.

Time: June 29, 2022, 5:52 a.m.

Status: Monitoring

Update: We are continuing to monitor for any further issues.

Time: June 29, 2022, 5:31 a.m.

Status: Monitoring

Update: We are continuing to monitor for any further issues.

Time: June 29, 2022, 5:31 a.m.

Status: Monitoring

Update: We are continuing to monitor for any further issues.

Time: June 29, 2022, 5:16 a.m.

Status: Monitoring

Update: A temporary fix has been implemented and we are monitoring, Production and Sandbox are now online

Time: June 29, 2022, 5:16 a.m.

Status: Monitoring

Update: A temporary fix has been implemented and we are monitoring, Production and Sandbox are now online

Time: June 29, 2022, 5:07 a.m.

Status: Identified

Update: We are continuing to work on a fix for this issue.

Time: June 29, 2022, 5:07 a.m.

Status: Identified

Update: We are continuing to work on a fix for this issue.

Time: June 29, 2022, 4:09 a.m.

Status: Identified

Update: Engineers have identified the issue and are working on a fix.

Time: June 29, 2022, 4:09 a.m.

Status: Identified

Update: Engineers have identified the issue and are working on a fix.

Time: June 29, 2022, 3:59 a.m.

Status: Investigating

Update: We are continuing to investigate this issue.

Time: June 29, 2022, 3:59 a.m.

Status: Investigating

Update: We are continuing to investigate this issue.

Time: June 29, 2022, 2:56 a.m.

Status: Investigating

Update: We are currently investigating this issue.

Time: June 29, 2022, 2:56 a.m.

Status: Investigating

Update: We are currently investigating this issue.

Time: May 20, 2022, 9:37 p.m.

Status: Resolved

Update: This incident has been resolved.

Time: May 20, 2022, 9:35 p.m.

Status: Identified

Update: The issue has been identified and a fix is being implemented.

Time: May 20, 2022, 9:18 p.m.

Status: Investigating

Update: We are currently investigating this issue.

Time: May 20, 2022, 9:37 p.m.

Status: Resolved

Update: This incident has been resolved.

Time: May 20, 2022, 9:35 p.m.

Status: Identified

Update: The issue has been identified and a fix is being implemented.

Time: May 20, 2022, 9:18 p.m.

Status: Investigating

Update: We are currently investigating this issue.

Time: May 6, 2022, 5:21 p.m.

Status: Postmortem

Update: **What Occurred?** On May 3rd, 2022 at 7:30a ET, CyberGrants experienced a total shutdown of all production systems due to the severing of all redundant supplies of power at their co-location Data Center \(Navisite\). Although power was restored within 1 hour, due to the abrupt loss of power, the CyberGrants Operations team had to assess the status of the critical network, storage, and server components, recover key configuration settings and ensure that no data corruption had occurred.   **The primary Production system was fully operational at 2:50p ET. Why Did This Occur \(Root Cause\)?** The CyberGrants co-location Data Center \(Navisite\) is a tier-1 facility with fully redundant power. This power loss was caused by a Navisite employed service technician mistakenly hitting the Emergency Power Off \(EPO\) button for the site. This button is required by law for local Fire Marshalls to be able to cut all power to the site in the event of a fire. The EPO button is intentionally designed to sever not only the main power supplied to infrastructure but also the battery backup and generators as well. All EPO buttons within the Navisite Data Center are clearly marked and have two layers of physical protection.   After power was restored, CyberGrants ability to quickly restore the failed systems was elongated by a number of factors including getting Operations personnel on-site at the Data Center, assessing the state of all systems, fixing component failures, verifying the integrity of the storage systems, and restarting servers for each tier \(DB, App, Web\). How Will CyberGrants Prevent Further Occurrences.   **As a result of this incident CyberGrants is taking the following steps:** 1. Confirm plans and execution with Navisite on the remediations to be implemented as a result of this incident \(i.e., Staff Retraining, Adding additional audio, visual, and physical controls for the EPO buttons\). 2. Reviewing and updating CyberGrants operational procedures for recovering all failed systems in the event of power loss \(i.e., monitoring, network configurations, power loss health checks, run books, etc.\). 3. Scheduling planned sessions where operational procedures can be tested and verified. 4. Enhancing disaster recovery and business continuity capabilities is already part of our infrastructure evolution, including faster full site failover.

Time: May 3, 2022, 6:53 p.m.

Status: Resolved

Update: CyberGrants has restored service to Production and Sandbox

Time: May 3, 2022, 6:37 p.m.

Status: Monitoring

Update: A fix has been implemented and we are monitoring the results.

Time: May 3, 2022, 6:30 p.m.

Status: Identified

Update: We are continuing to work on our production systems and believe that restoration is imminent. We will be in touch with a further update at 3:00pm ET.

Time: May 3, 2022, 5:39 p.m.

Status: Identified

Update: We are continuing to work on our production systems but do not yet have an ETA for restoration. We will be in touch with a further update at 2:30pm ET.

Time: May 3, 2022, 5:11 p.m.

Status: Identified

Update: We will not be able to make our previously committed timeline of service restoration at 1:30pm ET. While we have notable progress towards restoring service, there remain critical components that are not yet fully operational. We continue to work this issue at the highest level of criticality and will be in touch with a further update at 1:30pm ET. As soon as we have a new service restoration ETA we will provide an immediate update. Next update at 1:30p ET.

Time: May 3, 2022, 4:38 p.m.

Status: Identified

Update: We are continuing to work on restoring our Production Systems. We still anticipate being fully operational with both Prod and Sandbox by 1:30p ET (or earlier). Next update at 1:00p ET.

Time: May 3, 2022, 4:01 p.m.

Status: Identified

Update: We are continuing to work on restoring our Production Systems. We still anticipate being fully operational with both Prod and Sandbox by 1:30p ET (or earlier). Next update at 12:30p ET.

Time: May 3, 2022, 3:36 p.m.

Status: Identified

Update: We are continuing to work on restoring our Production Systems. The storage subsystems are operational and we are now working to restart the servers. We anticipate being fully operational with both Prod and Sandbox by 1:30p ET (or earlier). Next update at 12:00p ET.

Time: May 3, 2022, 3:16 p.m.

Status: Identified

Update: We are continuing to work on restoring our Production Systems. The networking is fully operational. We are still verifying the operation of a few remaining storage systems. Once those are operational, we will be restarting the Production Servers. We will post another update at 11:45a ET.

Time: May 3, 2022, 2:47 p.m.

Status: Identified

Update: We are continuing to work on restoring our Production Systems. We are still verifying the operation of the networking and storage systems first. Once those are operational, we will be restarting the Production Servers. We will post another update at 11:15a ET.

Time: May 3, 2022, 2:25 p.m.

Status: Identified

Update: We are continuing to work on restoring our Production Systems. We are verifying the operation of the networking and storage systems first. Once those are operational, we will be restarting the Production Servers. We will post another update at 10:45a ET.

Time: May 3, 2022, 1:43 p.m.

Status: Identified

Update: A power outage at the Data Center affected the CG Production Systems. Power has been restored and we are working to restore the systems to an operational state. We will post another update at 10:15a ET.

Time: May 3, 2022, 1:01 p.m.

Status: Identified

Update: We have identified the issue and are completing tasks to remedy the issue

Time: May 3, 2022, 1:01 p.m.

Status: Identified

Update: The issue has been identified and a fix is being implemented.

Time: May 3, 2022, 11:49 a.m.

Status: Investigating

Update: We are currently investigating this issue.