Time: Nov. 4, 2024, 6:07 p.m.

Status: Resolved

Update: This incident has been resolved.

Time: Nov. 1, 2024, 6:02 p.m.

Status: Monitoring

Update: Version 25.1.21 of SecureAuth Authenticate for Android has been released to the Google Playstore. Impacted users who have not deleted the app will have the preexisting enrollments restored after installing the update. If you have any questions or are still experiencing issues, please reach out to Support at https://support.secureauth.com.

Time: Nov. 1, 2024, 3:28 p.m.

Status: Monitoring

Update: We are continuing to monitor for any further issues.

Time: Oct. 31, 2024, 7:50 p.m.

Status: Monitoring

Update: A small percentage of android users are experiencing missing enrolled accounts. A fix has been submitted to the Google Play store and will be available shortly. We strongly suggest you do not delete the app if experiencing this issue. We will provide an update once the new version is available, please reach out to [email protected] with any questions.

Time: Oct. 1, 2024, 4:21 a.m.

Status: Resolved

Update: Verizon has reported that they have fully restored their services.

Time: Sept. 30, 2024, 4:21 p.m.

Status: Monitoring

Update: We are aware of a widespread outage affecting Verizon Wireless in the United States. This may impact voice and SMS delivery to Verizon users.

Time: Sept. 20, 2024, 11:09 p.m.

Status: Postmortem

Update: **RCA – SecureAuth Authenticate iOS Release** **Problem Description:** On September 19, 2024 at 10:00AM PDT, SecureAuth released SecureAuth Authenticate version 25.0.18 to the IOS App Store. The application was targeted to 1% of the userbase with the previous version installed; however, users could still download the new version manually if desired. At approximately 11:00AM PDT, we receive internal and external reports that version 25.0.18 of SecureAuth Authenticate has broken preexisting enrollments, and users were unable to re-enroll to resolve the issue. **Cause:** Within the update process for SecureAuth Authenticate version 25.0.18, a format conversion of account data to a new arc-6 architecture is performed. The format conversion process failed due to missing group entitlements within the project configuration. This resulted in the SecureAuth Authenticate App’s inability to properly load account information, thus breaking functionality for end users. While no account data was lost, previous enrollments were inaccessible, and users were prompted to enroll, but could not. These entitlements were not discovered during QA due to a caching of configurations inside of Apple’s TestFlight system where the application was being tested. The only way to clear this cache is a factory reset of the device. Unknown to developers, these cached configurations held onto the missing group entitlements that were not present in the GA version of the application that was released. **Recovery:** The engineering team initiated resolution efforts on two fronts: Front 1: Revert to the previous version as an initial interim mitigation to restore functionality to impacted users as quickly as possible while a separate team focused on providing permanent fix for the following release. However, upon revert efforts, it was determined that this option was not viable due to technical complications brought on by the update and Apple compliance standards related to the Apple Watch application. Focus of efforts quickly shifted to Front 2. Front 2: Identify the cause of the format conversion failure and implement the fix. Upon successful completion of QA validation, submit to the iOS App Store for urgent review and publishment. **Resolution:** The format conversion process failed due to missing group entitlements within the project configuration. The fix reapplied the necessary group entitlements, restoring the app’s ability access the account data. **Timeline:** Sep 19, 2024 • 10:00 AM PDT - SecureAuth Authenticate version 25.0.18 released in iOS App Store • 11:00 AM PDT – Internal teams discover the issue with App release and Engineering Teams are notified • 11:09 AM PDT – Incident bridge started and Engineering teams begin investigating the issue • 11:15 AM PDT – Engineering Teams begin efforts to revert App to previous version in iOS App Store. • 11:20AM PDT – Status Page updated to inform customers to hold from application updates until further notice • 11:20 AM PDT – Engineering Teams continue to investigate root cause of the issue while also working on reverting to previous version on the iOS App Store • 12:30 PM PDT – Confirmed that the issue was not isolated to iOS 18 • 1:00 PM PDT – Discarded rollout option due to complications with Apple compliance standards for Wearable App • 1:00 PM PDT – Engineering teams refocus to provide patch for the Authenticate app. • 2:05 PM PDT – Cause of the issue identified as a failure of the format conversion process due to missing group entitlements within project configuration • 2:25 PM PDT – Fix is implemented and QA validation is initiated • 3:00 PM PDT – New build published for Urgent Review to App Store. • 4:12 PM - New version is deployed. Impacted users were notified to download the version 25.1.18 with preexisting enrollments intact. Support and Engineering teams continue to monitor the situation closely with customers. **Corrective Actions:** • Work with Apple to review their TestFlight requirements and determine why configurations were being cached, discover the standard duration of the cache period, and identify the steps needed to ensure the cache is cleared and updated configurations are being used during TestFlight QA processes. • Improve the current Pull Request and Code Review process in Mobile Development in order to mitigate the impacts of missing configurations and improve code release standards. • Add test cases to our QA suite to cover fresh devices, as it was determined that if wiped or “new” devices were being used for testing, the cached configurations would have been discovered.

Time: Sept. 20, 2024, 11:08 p.m.

Status: Resolved

Update: We are now moving this incident to resolved. Support and Engineering teams will continue monitor the situation closely. If you have any further issues, please contact support at https://support.secureauth.com. An RCA will be provided shortly.

Time: Sept. 20, 2024, 12:23 a.m.

Status: Monitoring

Update: Version 25.1.18 of the Authenticate App has been released. Impacted users must update to this version to restore their accounts. If this does not resolve your issue or if you have additional questions, please report the issue at https://support.secureauth.com. An RCA for this incident will be provided once our internal investigation is complete.

Time: Sept. 19, 2024, 10:19 p.m.

Status: Identified

Update: Status Update: 1. We attempted to revert to the previous version as an initial interim mitigation to restore functionality to impacted users as quickly as possible. Upon revert efforts, it was determined that this option is not viable due to technical complications brought on by the update. 2. The team has now shifted focus to provide patch for the Authenticate app. Our development teams are actively working to provide the release of the hotfix as soon as possible. We will continue to provide updates to you as we receive more information.

Time: Sept. 19, 2024, 10:16 p.m.

Status: Identified

Update: We are continuing to work on a fix for this issue.

Time: Sept. 19, 2024, 7:40 p.m.

Status: Identified

Update: We've submitted a rolled back version of the mobile application to Apple. We are awaiting Apple's review and approval. We will update the status once available in the App Store.

Time: Sept. 19, 2024, 6:21 p.m.

Status: Identified

Update: We've been alerted to an issue with the new release of our Authenticate application. We believe this issue is for iOS only. Android devices do not seem to be impacted at this time. We are rolling back our versioning. Until further notice, don't update the to new version of Authenticate application, 25.0.18. If you are affected by this, other MFA methods (eg. SMS, Voice) outside of the mobile app remain operational.

Time: Sept. 12, 2024, 8:29 p.m.

Status: Postmortem

Update: **Polaris Twilight Outage RCA - September 12, 2024**    **Problem Description**  On September 11, 2024 at 7:16PM, the SecureAuth Cloud Infrastructure encountered widespread connection issues with databases systems which resulted in authentication failures for impacted customers.  **Cause**  The SecureAuth Cloud Operations team was alerted of connections issues with the Twilight service \(integral service which other microservices are reliant\). Upon investigation, we identified that the service was experiencing database latency due to CPU utilization spikes on the database. The CPU spikes triggered mass restarts of the Twilight Service which in turn caused extended CPU spikes on the database.   The root cause was due to legacy dependencies on the database that were negatively affected during a redistribution exercise related to the Vault migration performed on August 29, 2024. Those legacy dependencies were originally determined to be benign, and therefore assumed to have no impact to the customer base after the Vault migration.    It was determined that the CPU spikes were caused by the interface between the service and the database in form of health checks that created a snowball effect, resulting in the aforementioned issues with the Twilight service.  Due to the nature of this issue, not all customers were immediately impacted; however, the recovery and resolution of this issue impacted all customer cloud services as a result of the scaling operations.  **Recovery**  To mitigate this issue, the cloud services were scaled down alleviate database pressure. Once the database stabilized, the services were scaled back up in a controlled manner until all services were fully restored.    **Timeline:**` `Sep 11, 2024   * 7:16PM PST – Twilight connection issues begin and alerts were  triggered  * 7:17PM PST – Cloud Operations team join bridge to investigate alerts  * 7:27PM PST – Issue is understood and mitigation efforts begin  * 7:27PM PST – Scale down of cloud services to alleviate database pressure begins.  * 7:40PM PST – Scale down complete and database CPU utilization stabilizes   * 7:41PM PST – Controlled \(staggered\) scale up of cloud services begins  * 8:30PM PST – Controlled scale up of cloud services is completed  * 8:40PM PST – All services in running state   * 9:00PM PST – Validation testing complete and incident resolved  * Post-9:00PM PST – Continued to monitor closely while working with some customers as needed to resolve intermittent issues caused by the incident.    Corrective Actions   * Engineering to review and improve the Twilight to Cockroach Database interface and determine a more elegant solution to the health check actions that would diminish the result of mass-restarts of the service during periods of high-usage spikes. * Leadership review of database alternatives to the solution architecture  * Improve decision-making accuracy by increasing team knowledge around legacy systems to ensure end to end awareness of potential impacts to assumed benign configuration changes.  * Introduce additional gates into the existing CAB \(Change Advisory Board\) process, including additional Engineering leadership, including cross-functional Subject Matter Experts

Time: Sept. 12, 2024, 4:38 a.m.

Status: Resolved

Update: The incident has been resolved. For any remaining issues or questions please reach out to [email protected].

Time: Sept. 12, 2024, 4:17 a.m.

Status: Monitoring

Update: A fix has been implemented and all issues have been resolved. We are continuing to monitor.

Time: Sept. 12, 2024, 3:33 a.m.

Status: Identified

Update: We have identified the issue and are in the process of implementing a fix.

Time: Sept. 12, 2024, 2:43 a.m.

Status: Investigating

Update: We are investigating an issue with our Cloud Services, and will post updates as we gain understanding to the issue.

Time: Sept. 6, 2024, 7:40 p.m.

Status: Resolved

Update: There was an interruption of service for the Passwordless platform, previously known as Arculix, between 12:01pm PDT until 12:13pm PDT. Service was restored and no further interruptions are expected. If you have any further questions or inquiries, please reach out to support at https://support.secureauth.com.