AWS Cognito Change Password JWT IdToken Payload No Longer Contains given_name OR family_name

0

We are using Cognito for user authentication. The first step in our flow is for the user to reset their password from the temp password Cognito supplies; during this flow we also ask for the given_name and family_name attributes. Here is the request we send to Cognito for the password reset challenge:

Request URL: https://cognito-idp.us-west-2.amazonaws.com/
Request Method: POST
Body:

{
  "ChallengeName": "NEW_PASSWORD_REQUIRED",
  "ClientId": "******",
  "ChallengeResponses": {
    "userAttributes.given_name": "John",
    "userAttributes.family_name": "Doe",
    "NEW_PASSWORD": "******",
    "USERNAME": "****"
  },
  "Session": "*********"
}

The response looks something like

{
    "AuthenticationResult": {
        "AccessToken": "****",
        "ExpiresIn": 86400,
        "IdToken": "****",
        "RefreshToken": "****",
        "TokenType": "Bearer"
    },
    "ChallengeParameters": {}
}

We then verify the IdToken and grab the given_name and family_name from the payload and use that to create a user in our database. Our users are now failing to create due to the given_name and family_name user attributes missing from the IdToken.

Prior to April 23rd 1:57am CST, the payload had this structure:

{
    "sub": "****-****-***-***-***",
    "email_verified": true,
    "iss": "https://cognito-idp.us-west-2.amazonaws.com/*****",
    "cognito:username": "****-**-****-****-**********",
    "given_name": "John",
    "origin_jti": "*****-****-****-****-**********",
    "aud": "*********",
    "event_id": "******-****-****-****-**********",
    "token_use": "id",
    "auth_time": **********,
    "exp": **********,
    "iat": **********,
    "family_name": "Doe",
    "jti": "******-****-****-****-*********",
    "email": "***@*****.com"
}

Now the IdToken payload does not contain given_name or family_name and has this structure:

{
    "sub": "****-****-***-***-***",
    "email_verified": true,
    "iss": "https://cognito-idp.us-west-2.amazonaws.com/*****",
    "cognito:username": "****-**-****-****-**********",
    "origin_jti": "*****-****-****-****-**********",
    "aud": "*********",
    "event_id": "******-****-****-****-**********",
    "token_use": "id",
    "auth_time": **********,
    "exp": **********,
    "iat": **********,
    "jti": "******-****-****-****-*********",
    "email": "***@*****.com"
}

After authenticating that user through the USER_PASSWORD_AUTH flow, the IdToken payload does contain given_name and family_name.

Has anyone else run into this? Did the Cognito team accidentally release a breaking change to the IdToken creation recently? Any ideas or better implementations are welcome. Thanks!

cbwlily
Asked 1 month ago, 66 views
No answers
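The post's failure mode is a provisioning step that trusts the ID token to carry given_name and family_name and breaks when they are absent. The following is an added example, not code from the question or from AWS, showing a defensive version of that step: validate the standard ID-token claims (token_use, iss, aud, exp) after the RS256 signature has been checked against the user pool JWKS, detect which profile claims are missing, and fill them from a GetUser lookup (in real code `boto3.client("cognito-idp").get_user(AccessToken=...)`, whose response shape is what `attributes_from_get_user` parses) instead of failing the account creation. The token payload, the GetUser response, the issuer URL and the client ID are constructed placeholders; no real Cognito call is made, so the whole block runs offline.

```python
import base64
import json
import time

# Constructed sample: the issuer and app client id the token is expected to carry.
EXPECTED_ISS = "https://cognito-idp.us-west-2.amazonaws.com/us-west-2_EXAMPLE"
EXPECTED_AUD = "exampleclientid"

# Constructed sample ID-token payload in the shape shown in the question,
# with given_name / family_name absent. All values are placeholders.
SAMPLE_ID_TOKEN_PAYLOAD = {
    "sub": "11111111-2222-3333-4444-555555555555",
    "email_verified": True,
    "iss": EXPECTED_ISS,
    "cognito:username": "11111111-2222-3333-4444-555555555555",
    "aud": EXPECTED_AUD,
    "token_use": "id",
    "auth_time": 1700000000,
    "exp": 1700003600,
    "iat": 1700000000,
    "email": "john.doe@example.com",
}

# Constructed sample in the shape of a Cognito GetUser response
# (UserAttributes is a list of {"Name": ..., "Value": ...} entries).
SAMPLE_GET_USER_RESPONSE = {
    "Username": "11111111-2222-3333-4444-555555555555",
    "UserAttributes": [
        {"Name": "sub", "Value": "11111111-2222-3333-4444-555555555555"},
        {"Name": "email", "Value": "john.doe@example.com"},
        {"Name": "given_name", "Value": "John"},
        {"Name": "family_name", "Value": "Doe"},
    ],
}

# Claims the application needs before it creates a local user record.
REQUIRED_PROFILE_CLAIMS = ("sub", "email", "given_name", "family_name")


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode().rstrip("=")


# Constructed, unsigned compact token built from the sample payload; it exists
# only so decode_jwt_payload can be exercised offline (the signature is fake).
SAMPLE_UNSIGNED_TOKEN = ".".join([
    _b64url(json.dumps({"alg": "RS256", "kid": "placeholder"}).encode()),
    _b64url(json.dumps(SAMPLE_ID_TOKEN_PAYLOAD).encode()),
    "fakesignature",
])


def decode_jwt_payload(token: str) -> dict:
    """Base64url-decode the payload segment of a compact JWT.
    This does NOT verify the signature: only call it on a token whose RS256
    signature has already been verified against the user pool's JWKS."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    seg = parts[1] + "=" * (-len(parts[1]) % 4)
    return json.loads(base64.urlsafe_b64decode(seg))


def check_id_token_claims(payload: dict, expected_iss: str, expected_aud: str, now=None) -> None:
    """Reject anything that is not a live ID token for this user pool and client."""
    now = time.time() if now is None else now
    if payload.get("token_use") != "id":
        raise ValueError("not an ID token (token_use != 'id')")
    if payload.get("iss") != expected_iss:
        raise ValueError("unexpected issuer")
    if payload.get("aud") != expected_aud:
        raise ValueError("unexpected audience")
    exp = payload.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        raise ValueError("token expired or missing exp")
    if not payload.get("sub"):
        raise ValueError("missing sub")


def missing_profile_claims(payload: dict, required=REQUIRED_PROFILE_CLAIMS) -> list:
    """Names of required claims that are absent or empty in the token payload."""
    return [c for c in required if not payload.get(c)]


def attributes_from_get_user(response: dict) -> dict:
    """Flatten a GetUser response's UserAttributes list into a name -> value dict."""
    return {a["Name"]: a["Value"] for a in response.get("UserAttributes", [])}


def resolve_profile(payload: dict, get_user_response: dict, expected_iss: str, expected_aud: str, now=None) -> dict:
    """Build the profile used to create the local user: token claims first,
    GetUser attributes as the fallback, and the subject must match in both."""
    check_id_token_claims(payload, expected_iss, expected_aud, now)
    profile = {c: payload[c] for c in REQUIRED_PROFILE_CLAIMS if payload.get(c)}
    missing = missing_profile_claims(payload)
    if missing:
        attrs = attributes_from_get_user(get_user_response)
        if attrs.get("sub") != payload["sub"]:
            raise ValueError("GetUser response does not belong to the token subject")
        for c in missing:
            if attrs.get(c):
                profile[c] = attrs[c]
    still_missing = [c for c in REQUIRED_PROFILE_CLAIMS if c not in profile]
    if still_missing:
        raise ValueError(f"profile incomplete, refusing to create user: {still_missing}")
    return profile


if __name__ == "__main__":
    payload = decode_jwt_payload(SAMPLE_UNSIGNED_TOKEN)
    print("missing from token:", missing_profile_claims(payload))
    print(resolve_profile(payload, SAMPLE_GET_USER_RESPONSE, EXPECTED_ISS, EXPECTED_AUD, now=1700000100))
```

The design point is that the ID token remains the authority on who the user is (sub, iss, aud, exp) but is not treated as the only source of profile attributes; the GetUser fallback is keyed to the same access token the challenge response returned, and the sub check stops a mismatched lookup from attaching someone else's name to the record.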
