Braze is my guess. They let customers do a lot of stuff with pushing and pulling data per user and I would guess every customer is in a sandbox. They were also impacted by the incident.
It was the company that I found that was impacted and could have caused it. They also don't play nice with others. It's even in the documentation. We looked into buying their services. They have also caused load problems in other clouds. But it was just a guess. Could be anything.