Identified - Facebook has an ongoing bug and doesn't send notifications about new Instagram comments for some Instagram accounts. This impacts Gorgias ability to create Instagram comment tickets for those accounts. Facebook is aware of this issue and they do not have any short-term solution for it (the fix requires a long-term solution). On our side, we are currently thinking of a short-term workaround. We will keep you updated.
Apr 15, 14:46 PDT

About This Site

Below are Gorgias basic performance stats of our main services + incident reports. Feel free to subscribe to get updates.

Helpdesk Operational
90 days ago
100.0 % uptime
Today
REST API ? Operational
90 days ago
100.0 % uptime
Today
Web App ? Operational
90 days ago
100.0 % uptime
Today
Mobile Apps ? Operational
90 days ago
100.0 % uptime
Today
Helpdesk Integrations ? Partial Outage
90 days ago
99.95 % uptime
Today
Email ? Operational
Mailgun SMTP Operational
Mailgun inbound email Operational
Mailgun outbound email Operational
Mailgun API Operational
Gmail Operational
90 days ago
100.0 % uptime
Today
Outlook ? Operational
90 days ago
99.8 % uptime
Today
Live Chat ? Operational
Smooch Core API ? Operational
Facebook Posts & Comments ? Operational
Instagram comments ? Partial Outage
Shopify integration Operational
90 days ago
100.0 % uptime
Today
Shopify API & Mobile Operational
Aircall Public API Operational
Aircall Aircall Apps Operational
Stripe API Operational
Facebook Messenger ? Operational
90 days ago
99.96 % uptime
Today
ReCharge integration Operational
90 days ago
100.0 % uptime
Today
Helpdesk Clusters ? Operational
90 days ago
100.0 % uptime
Today
us-east1-main Operational
90 days ago
100.0 % uptime
Today
us-east4-65cd Operational
90 days ago
100.0 % uptime
Today
us-east1-2607 Operational
90 days ago
100.0 % uptime
Today
aus-southeast1-fcb9 Operational
90 days ago
100.0 % uptime
Today
europe-west3-86c1 Operational
90 days ago
100.0 % uptime
Today
Infrastructure & Cloud Operational
90 days ago
100.0 % uptime
Today
Google Cloud Platform Google Container Engine Operational
90 days ago
100.0 % uptime
Today
Google Cloud Platform Google Cloud Storage Operational
Google Cloud Platform Google Kubernetes Engine Operational
Google Cloud Platform Google Compute Engine Operational
Google Cloud Platform Google Cloud Networking Operational
Google Cloud Platform Google Cloud Pub/Sub Operational
Google Cloud Platform Google Cloud DNS Operational
Google Cloud Platform Google Cloud SQL Operational
Website ? Operational
Operational
Degraded Performance
Partial Outage
Major Outage
Maintenance
Major outage
Partial outage
No downtime recorded on this day.
No data exists for this day.
had a major outage.
had a partial outage.
Background Tasks Duration (average) ?
Fetching
REST API Response Latency (average) ?
Fetching
Past Incidents
Apr 16, 2021
Resolved - This incident has been resolved.
Apr 16, 11:22 PDT
Identified - Today, Apr 15th, we became aware of a serious security incident at one of our developer partners called codecov.io. We're using codecov to determine the test coverage of our code in order to improve our code and product quality. More details about the breach on their site: https://about.codecov.io/security-update/

What does this mean for Gorgias customers?

TLDR: To the best of our knowledge we have not detected any unauthorized access to our systems. If we detect any unauthorized access will let you know as soon as possible.

We are still investigating the extent of this breach, but our preliminary investigation reveals that only our Continuous Integration (CI) system together with the credentials present in that system was affected. As soon as we became aware of this breach we immediately began rotation of our credentials used in the CI system. Once we confirmed that we rotated all credentials, we began investigating what those credentials could have been used for and began looking at the audit logs of all affected systems. To the best of our knowledge and ability we have not detected any unauthorized access to our systems. Additionally, the customer data (in our databases) including PII is protected by a firewall that allows connections only from an allowlist so even if our credentials have been leaked it is unlikely that the attackers gained access to our systems. Due to overabundance of caution we rotated affected credentials anyway and will continue rotating all credentials, including those that we don't think were affected by the CI breach.

Could we have done a better job?

Yes, we should have added a checksum check of the uploader script that codecov was providing and a detailed security audit of that said script. Due to lack of time and attention to detail I didn't do that. This is my (Alex) fault and I'm assuming all responsibility for this lack of attention. Even if codecov claims that they are no longer compromised, we've removed all access from Codecov to Gorgias resources at least temporarily. Additionally we began an internal audit of all CI related tools and we're aiming to identify if there are similar gaps in our systems and fix them.

Do Gorgias customers need to do something?

No, this announcement is part of our disclosure policy: https://www.gorgias.com/security - thank you for trusting Gorgias with your data.

What's next?

We're continuing the rotation of credentials until we are reasonability certain that they are not compromised. I'll post an update here when it's done.

Thank you for your understanding. For additional questions feel free to reach out to our support: support@gorgias.com

Alex Plugaru, CTO & cofounder of Gorgias.
Apr 15, 14:06 PDT
Apr 15, 2021
Resolved - We've implemented a fix, this is now operational.
Apr 15, 04:09 PDT
Identified - It is currently impossible to add new Shopify integrations. Existing Shopify integrations are working correctly. We're looking into it and will come back to you as soon as possible.
Apr 15, 03:24 PDT
Apr 14, 2021

No incidents reported.

Apr 13, 2021

No incidents reported.

Apr 12, 2021

No incidents reported.

Apr 11, 2021

No incidents reported.

Apr 10, 2021

No incidents reported.

Apr 9, 2021

No incidents reported.

Apr 8, 2021
Resolved - The Facebook team did not communicate about this incident, but it seems that the services are back for most users.
Apr 8, 15:30 PDT
Investigating - We don't receive any data from Facebook and Instagram.
Apr 8, 14:46 PDT
Apr 7, 2021
Resolved - The platform was unavailable to some customers for 5 minutes because of a wrong manipulation on the server side.
Apr 7, 11:00 PDT
Apr 6, 2021

No incidents reported.

Apr 5, 2021

No incidents reported.

Apr 4, 2021

No incidents reported.

Apr 3, 2021

No incidents reported.

Apr 2, 2021

No incidents reported.