RSA ID Plus Status Page

Apr 1, 2026 · resolved Apr 1

**Summary** On 04/01/2026, RSA ID Plus experienced a service outage in the ANZ region, impacting authentication workflows and related services. The issue was caused by a performance issue at the datastore layer caused by a non-optimal query execution pattern within one of the service data tiers, which led to elevated resource utilization and increased latency. This resulted in an authentication service outage. Service was restored through a combination of capacity adjustments and regional failover, and stability has been maintained since recovery. **Preliminary** **Root Cause** The incident was attributed to a query optimizer behavior that resulted in a suboptimal execution plan within the service data tier under specific runtime conditions. Under these conditions, the optimizer selected an inefficient query execution strategy, which led to: * Increased resource consumption within the data tier * Elevated query execution times * Resource contention impacting dependent services These conditions drove increased latency and service instability within authentication workflows. The behavior is consistent with a query plan regression scenario, where the optimizer generates a plan that is not optimal for the current data distribution or workload characteristics. **Recovery** During the incident, the team followed a controlled recovery approach aligned with the platform’s resilience design. RSA ID Plus is architected with strong in-region resilience, including redundancy and scaling capabilities across service layers, as well as a warm secondary region available for failover. In line with this design, the initial response focused on stabilizing the primary region by addressing resource contention within the data tier. Failover to the secondary region is available and was successfully executed as part of the recovery. Based on real-time impact assessment and recovery progress, it was determined that in-region remediation would not restore service within acceptable thresholds. A controlled failover to the secondary region was then initiated. Following stabilization, corrective changes were implemented within the primary region to address the underlying query optimization behavior. Once these changes were validated, traffic was safely transitioned back to the primary region in a controlled manner. All systems have remained stable under continued monitoring since recovery. **Mitigation and Resolution** The following actions were taken to restore service: * **Capacity Adjustment:** Increased available resources within the data tier to reduce contention * **Regional Failover:** Traffic was redirected to a warm region to restore service responsiveness * **Service Stabilization:** Performance returned to normal following these actions **Preventive Actions** **Immediate Actions** * Identification and correction of impacted query behavior * Stabilization of query execution patterns to prevent recurrence **Vendor Engagement and Safeguard Review** As part of the ongoing investigation and prevention efforts, RSA has engaged with our data service provider to further evaluate query optimization behavior observed during the incident. This includes a focused review of existing safeguards and protective mechanisms designed to detect and mitigate suboptimal query execution patterns. While these controls are in place, this event identified conditions under which they did not intervene as expected. This review is actively in progress, and findings will be incorporated into follow-up corrective actions.

Jan 15, 2026 · resolved Jan 15

**Incident Summary** On January 15, 2026 06:45–07:15 UTC, a subset of customers hosted on the EU1 deployment in the EMEA region experienced a degradation in authentication services. The event primarily manifested as intermittent authentication disruption, with the majority of affected tenants experiencing impact for less than 40 minutes. Core platform availability remained operational throughout the event. Most customers were able to authenticate successfully during the impact window, though some authentication flows experienced slower-than-normal response times and elevated failure rates for a limited period. Service behavior returned to normal once mitigation actions were applied. **Root Cause** A January service update introduced a flaw in our upgrade handling which caused some clients to unnecessarily retrieve application resources, creating unexpected request patterns within the authentication flow. This behavior disrupted normal request patterns within the authentication flow and contributed to authentication disruption for a subset of customers. In addition, notifications on the status page occurred later than expected. During the incident, overall service availability remained operational, and the impact presented as intermittent authentication disruption rather than a sustained outage condition. Because successful authentications continued throughout the incident window for most customers, initial indicators aligned with a limited disruption scenario. Customer communication was issued as impact scope was confirmed. **Mitigation and Recovery Actions** During the incident, the following actions were taken: * Rolled back January service updates deployed prior to the incident * Scaled additional capacity within the affected EMEA deployment * Continued real-time monitoring to validate stabilization These actions successfully stabilized the environment. No recurrence has been observed since mitigation was applied. Corrective and Preventive Actions The following actions are under evaluation or implementation: * Improvements to upgrade handling to prevent unnecessary resource refresh behavior * Enhancements to monitoring and alerting to improve visibility into customer-impacting disruption scenarios * Review of incident communication workflows and notification triggers

Oct 9, 2025 · resolved Oct 9

October 9, 2025 Approximately 19:43 UTC and 23:59 UTC A subset of RSA customers experienced intermittent connectivity issues when attempting to access RSA Cloud services. Our internal monitoring confirmed that all RSA service components remained fully operational throughout this period. However, some customer connections to our service were disrupted due to a broader Microsoft network routing issue. Preliminary Root Cause Microsoft has confirmed that this event was part of a large-scale Microsoft / Azure network outage affecting multiple U.S. regions. The issue began at 19:43 UTC (1:43 PM MT) and impacted connectivity for both Microsoft services (including O365 and administrative portals) and third-party applications hosted on Azure. Microsoft is preparing a formal Root Cause Analysis (RCA) for this incident. RSA’s support case has been linked to that investigation, and we will provide updates once Microsoft publishes their findings. Following engagement with Microsoft, Azure Support has confirmed a large-scale network incident affecting multiple U.S. regions and impacting connectivity to various Microsoft and third-party cloud services. Microsoft has associated our support case with their Large-Scale Incident (LSI) and is preparing a formal Root Cause Analysis (RCA), which we will review once available. Impact to RSA Customers - RSA services themselves remained healthy and available. - Some customers were unable to reach RSA Cloud endpoints during the incident due to Microsoft routing disruptions. - Service accessibility returned to normal as Microsoft mitigated the network event. Next Steps RSA continues to work directly with Microsoft to review the final RCA and to ensure that any corrective actions taken at the Azure network level are communicated clearly. Additional updates will be provided through our regular customer communication channels once Microsoft releases their full report.

Aug 28, 2025 · resolved Aug 29

**Root Cause Analysis – SMS Delivery Incident \(August 28, 2025\)**  **Incident Summary** On August 28, 2025, between 15:14 UTC and 21:00 UTC, customers in the United States may have experienced intermittent issues with SMS message delivery. During this time, one of our downstream providers experienced platform instability that caused delivery delays and degraded message quality. Voice services and non-U.S. SMS traffic were unaffected.  **Root Cause** The disruption originated with a downstream provider whose internal database systems became unstable, creating message queues and delivery delays across two of their datacenter regions. This caused two periods of degraded service during the afternoon of August 28.  Upon identification of the issue, the downstream provider initiated failover procedures to alternate delivery routes. Within minutes, the majority of SMS traffic was stabilized through backup channels. A secondary recurrence later in the afternoon required an additional failover, after which delivery was restored for most customers by 16:19 UTC. Final adjustments ensured all traffic was fully restored by 21:00 UTC.  **Preventive Measures** We are working closely with our downstream provider on the following improvements to reduce the likelihood of recurrence:  * **Enhanced Failover:** Strengthening U.S. SMS failover processes to allow faster transition to alternate delivery paths during provider instability.  * **Provider Safeguards:** Implementation of improved monitoring and alerting by the provider to prevent future database-related issues.  * **Resilience Review:** Ongoing joint evaluation of routing strategies within U.S. carrier regulations to expand redundancy and increase flexibility in failover scenarios.  In addition, RSA is undertaking the following initiatives to further improve resiliency and visibility:  * **Multi-Vendor Strategy:** Assessing options for a multi-vendor delivery model to reduce dependency on any single downstream provider.  * **Enhanced Monitoring:** Expanding RSA’s own monitoring and advanced detection capabilities to identify potential delivery degradation earlier, beyond what downstream providers can directly report.  We recognize the importance of reliable SMS delivery for our customers. We sincerely apologize for the inconvenience this incident may have caused and are committed to maintaining the highest levels of service availability and resiliency.

Aug 5, 2025 · resolved Aug 5

After monitoring the fix, SaaS Operations has determined that the incident affecting RSA ID Plus Administration Service has been resolved. No Authentication Services were impacted by this incident. We will post a root cause analysis as soon as it is available.