Bot Attack — Gift Card Orders (2025-11-10)
Overview
Over the weekend of November 8–9, 2025, a bot targeted the Doodla website and generated approximately 70 failed gift card orders. The orders appeared under different names, making them look legitimate at first glance, but all were for gift cards and all failed. The high volume triggered a flood of order notification emails to Mark.
The incident was identified and a temporary fix was applied before the Monday standup. Cleanup and client notification are in progress.
What Happened
- A bot targeted the Loom gift card option on the Doodla storefront.
- ~70 failed orders were placed under different names over the weekend.
- All orders were for gift cards; all failed at the payment stage.
- The volume of failed orders triggered a large number of automated email notifications.
- The attack appears to have stopped on its own prior to the standup.
Resolution
- Temporary fix: The Loom gift card option was removed from the site to prevent further bot activity.
- The issue appears resolved as of the time of the standup.
Action Items
| Owner | Action | Status |
|---|---|---|
| Karly | Email client (Lucy) to inform her of the bot attack and resolution | Pending |
| Karly | Delete the ~70 failed orders from the Doodla site | Pending |
| Isahaque | Assist with investigation and cleanup as needed | Pending |
Notes
- The Loom gift card option was already slated to be swapped out, so its removal is not a regression.
- Mark receives order notification emails for Doodla — his inbox flagged the anomaly.
- No customer data or successful transactions appear to have been compromised; all orders failed.
Related
- [1]
- [2]