Today we've faced short downtime due to our continued effort of improving our security posture.
In an attempt to lock down the sources that can execute javascript code on our platform, we'd accidentally locked out our own API server.
The issue was not picked up by our automated E2E test deployments, because those work on different sets of URLs.
Within 30 minutes we were notified and the the issue was resolved.
Please be confident that no data was leaked.