Update - A small subset of users have been affected this morning by erroneous emails about deleted organizations.
We have identified the issue and are resolving it. Users receiving this email have not had their organization in Pivotal Web Services deleted despite seeing this email.
Apr 18, 11:51 PDT
Identified - On April 15th, a small number of users received an erroneous “Pivotal Web Services Payment failed” email. We have identified the issue and are resolving it. Users who received this email are not being erroneously charged and do not need to add billing information despite seeing this email.
Apr 17, 13:50 PDT
Monitoring - The following have been renewed:
The last domain to reissue is "*.cfapps.io" and we are working on renewing that cert.
Apr 14, 17:59 PDT
Identified - On April 7th, an OpenSSL vulnerability known as the "Heartbleed" bug was publicly exposed (CVE-2014-0160). https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160
The Pivotal Web Services team has been working to eliminate our vulnerability to this bug.
At this time our SSL termination is no longer vulnerable to the bug. Since there was a period of time when our SSL termination was susceptible we are reissuing all of our certificates and in the process of updating them now. This work is in progress and we'll provide an update when it's complete.
Connections to services you provisioned through the Services Marketplace are also potentially vulnerable. Many of the service providers have been taking action and messaging the effected service instance owners separately.
PWS nor any of the service providers have identified a breach of security, but we strongly recommend that you change your credentials with PWS and the service providers.
To reset change your password with PWS:
1. login to developer console
2. edit your account
3. edit your member information to change your password
To reset your service provider credentials:
1. Unbinding and rebinding your service to your app will issue new credentials
2. $ cf unbind-service APP SERVICE_INSTANCE
3. $ cf bind-service APP SERVICE_INSTANCE
Apr 9, 17:58 PDT
This issue should now be resolved.
Apr 18, 10:30 PDT
Users are unable to connect to their SendGrid management console when using the "manage" link in the Developer Console. They are prompted with an authentication form requesting SendGrid account credentials. We're investigating the cause of the error.
Apr 10, 17:42 PDT
Functionality restored to all but a few accounts.
Apr 16, 20:58 PDT
Users are currently unable to access their organization on the Developer Console (console.run.pivotal.io). When trying to view an organization, a request to enter billing information is displayed. We advise our users not to add billing information despite seeing this request. This problem does not affect the ability to push applications via the Cloud Foundry CLI.
Apr 16, 14:07 PDT
This error was identified to only affect a specific user space. We're resolving the issue for that user. Other users should be able to provision a mongolab service instance.
Apr 14, 23:17 PDT
Users are currently unable to provision new instances of the Mongolab "sandbox" plan. We're working with Mongolab to resolve this issue.
Apr 14, 10:08 PDT
All accounts should be able to provision all services again.
Apr 8, 17:59 PDT
We've identified the problem and are working on a fix.
Apr 8, 14:21 PDT
We've observed intermittent problems provisioning the cloudamqp and rediscloud services. This may be affecting other services that we haven't directly observed as well.
Apr 8, 10:50 PDT