Yesterday several customers let us know they were getting emails from Active saying (inaccurately) that the RunSignUp site was down. Last night we did additional research and there is a need to amend our diagnosis of the situation. Here is what we learned from log files and tracking of transactions.
- Someone at Active was running a “scraper” program called import.io. Scraper programs allow someone to go thru a bunch of pages and scrape off the data, like race names and locations. The command they were running was http://lightning.import.io/results?url=https%3A%2F%2Frunsignup.com%2FRaces%3Fs%3D%26name%3D%26num%3D250%26page%3D1
- RunSignUp has a number of tools we use to try to detect Denial of Service attacks and fraudulent behavior. This scraping activity triggered that, and caused us to shut down that IP address, 18.104.22.168, around 4:30PM Eastern. This is what they were seeing after that on the right.
- We noticed an increase of activity from 4:30PM Eastern thru 6PM after we cut off the IP address. A number of browsers were attempting to go to race websites, indicating multiple people at Active were trying to test races.
- We were able to confirm this IP address by looking at a number of transactions over the past half year where Active employees signed up for various races that were hosted on RunSignUp and they used their @activenetworks.com email addresses.
- The IP address also correlated with the WhoIs IP address lookup.
To explain this stuff in English – someone at Active was trying to copy races from the RunSignUp website and we caught them and turned off our website access from the Active location in Dallas. They noticed this and told others at Active, and there was a small flurry of testing and everyone was probably excited “RunSignUp is down! Let’s tell some prospects how much RunSignUp sucks!”
Let me (Bob) make this very clear. We do NOT blame the individual reps who did this. We do NOT blame a first level inside sales manager or whatever immediate level of management may have been involved. We DO BLAME a culture that is promoted by senior management of the company.
We hope this causes a bit of reflection by the senior management of Active about the long term harm they are causing their own company (and not RunSignUp) with their aggressive actions from a sales and customer engagement perspective. Spending a bit more time and money on the PRODUCT and SERVICE and less on sales and legal attacks would make more sense and help their customers far more.