AWS Service Disruption on October 21, 2025 — MojoAuth Infrastructure Update
None
<h3>Overview</h3><p>On <strong>October 21, 2025</strong>, MojoAuth experienced partial service disruption for approximately 2 hours and 17 minutes due to a <strong>regional AWS service degradation</strong> impacting multiple core systems.<br> During this time, users in the US-East-1 (N. Virginia) and EU-West-1 (Ireland) regions experienced increased authentication latency, delayed email OTP deliveries, and intermittent API timeouts.</p><p>While this outage originated from AWS infrastructure, our engineering team worked continuously to mitigate user impact and restore normal operations.</p><div class="code-block code-block-13" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-13-1" data-info="WyIxMy0xIiwxXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="U2hvcnQ=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://www.techstrongevents.com/cruisecon-virtual-west-2025/home?ref=in-article-ad-2&utm_source=sb&utm_medium=referral&utm_campaign=in-article-ad-2" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2025/10/Banner-770x330-social-1.png" alt="Cruise Con 2025"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div><h3>Incident Timeline</h3><table> <thead> <tr> <th>Time (UTC)</th> <th>Event</th> </tr> </thead> <tbody> <tr> <td><strong>06:12 AM</strong></td> <td>AWS CloudWatch triggered elevated latency alerts for DynamoDB and SNS in US-East-1.</td> </tr> <tr> <td><strong>06:24 AM</strong></td> <td>MojoAuth Ops detected rising error rates in authentication and email OTP API endpoints.</td> </tr> <tr> <td><strong>06:45 AM</strong></td> <td>Incident declared SEV-1. Customer notifications initiated.</td> </tr> <tr> <td><strong>07:00 AM</strong></td> <td>Traffic routed to backup region (US-West-2) under degraded mode.</td> </tr> <tr> <td><strong>07:52 AM</strong></td> <td>AWS status page confirmed service disruption impacting multiple services.</td> </tr> <tr> <td><strong>08:21 AM</strong></td> <td>Systems gradually recovered as AWS restored stability.</td> </tr> <tr> <td><strong>08:29 AM</strong></td> <td>Normal operations resumed.</td> </tr> <tr> <td><strong>09:10 AM</strong></td> <td>Incident closed after 30 minutes of post-recovery monitoring.</td> </tr> </tbody> </table><p>Total duration of partial degradation: <strong>~2 hours 17 minutes</strong></p><h3>Root Cause Analysis</h3><p>The disruption was traced to network connectivity issues within AWS’s internal routing layer, which affected:</p><ul> <li><strong>DynamoDB</strong> latency spikes and read/write throttling</li> <li><strong>SNS/SQS</strong> delivery delays for OTP messages</li> <li><strong>Lambda</strong> cold start times for webhook functions</li> </ul><p>As MojoAuth’s passwordless and OTP infrastructure relies on a distributed combination of these AWS services, cascading latency led to timeouts across the Authentication API and OTP verification endpoints.</p><h3>Immediate Mitigation Actions</h3><p>During the incident, the following steps were taken to minimize impact:</p><ol> <li><strong>Traffic rerouted</strong> to secondary region (US-West-2) with rate limiting for new session creations.</li> <li><strong>Failover of OTP delivery</strong> to alternate messaging provider (Twilio) for critical regions.</li> <li><strong>Temporary cache extension</strong> for valid session tokens to prevent unnecessary re-authentication.</li> <li><strong>Customer notifications</strong> posted to <a href="https://status.mojoauth.com/">status.mojoauth.com</a> within 15 minutes of detection.</li> </ol><h3>Permanent Improvements (In Progress)</h3><p>To prevent similar disruptions, we’ve initiated the following improvements:</p><h4>1. Multi-Region Failover Expansion</h4><ul> <li>Expanding active-active regional setup beyond US-East-1 and EU-West-1 to include Asia-Pacific (Singapore) for global traffic resilience.</li> </ul><h4>2. OTP Delivery Redundancy</h4><ul> <li>Introducing multi-provider fallback for email and SMS (SendGrid + Twilio + Mailazy).</li> </ul><h4>3. API Gateway Isolation</h4><ul> <li>Implementing <strong>per-region routing</strong> at the API Gateway layer to isolate region-specific faults.</li> </ul><h4>4. Transparent Incident Automation</h4><ul> <li>Automated customer alert system tied to incident triage for faster and proactive updates.</li> </ul><h4>5. Postmortem & Simulation Testing</h4><ul> <li>Conducting disaster recovery drills and failure injection tests to validate multi-region switchover reliability.</li> </ul><h3>Communication & Transparency</h3><p>We understand the importance of reliability in authentication systems. While AWS outages are beyond our direct control, our responsibility is to isolate and minimize user impact as much as possible.</p><p>Our team followed internal SLA protocols to:</p><ul> <li>Maintain 99.9% uptime transparency</li> <li>Publish real-time updates on our Status Page</li> <li>Provide post-incident RCA within 24 hours</li> </ul><p>If you experienced disruption or API degradation, you can contact our support team for assistance or credit eligibility review:<br> <a href="/cdn-cgi/l/email-protection#2754525757485553674a484d484652534f0944484a"><span class="__cf_email__" data-cfemail="bac9cfcacad5c8cefad7d5d0d5dbcfced294d9d5d7">[email protected]</span></a></p><h3>Current Status</h3><p>All services have been fully restored, and MojoAuth systems are now <strong>operating normally</strong> across all regions.<br> Ongoing monitoring shows stable performance across OTP delivery, WebAuthn, and OIDC authentication flows.</p><p>You can always track our system health at <a href="https://status.mojoauth.com/">status.mojoauth.com</a>.</p><h3>Final Note</h3><p>We sincerely apologize for the inconvenience this disruption caused.<br> Our mission at MojoAuth is to provide <strong>frictionless, resilient, and passwordless authentication</strong> to businesses worldwide — and we’re taking every step to strengthen our infrastructure against regional cloud outages.</p><p>We appreciate your trust and patience as we continue improving the reliability of our global platform.</p><div class="spu-placeholder" style="display:none"></div><div class="addtoany_share_save_container addtoany_content addtoany_content_bottom"><div class="a2a_kit a2a_kit_size_20 addtoany_list" data-a2a-url="https://securityboulevard.com/2025/11/aws-service-disruption-on-october-21-2025-mojoauth-infrastructure-update/" data-a2a-title="AWS Service Disruption on October 21, 2025 — MojoAuth Infrastructure Update"><a class="a2a_button_twitter" href="https://www.addtoany.com/add_to/twitter?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F11%2Faws-service-disruption-on-october-21-2025-mojoauth-infrastructure-update%2F&linkname=AWS%20Service%20Disruption%20on%20October%2021%2C%202025%20%E2%80%94%20MojoAuth%20Infrastructure%20Update" title="Twitter" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_linkedin" href="https://www.addtoany.com/add_to/linkedin?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F11%2Faws-service-disruption-on-october-21-2025-mojoauth-infrastructure-update%2F&linkname=AWS%20Service%20Disruption%20on%20October%2021%2C%202025%20%E2%80%94%20MojoAuth%20Infrastructure%20Update" title="LinkedIn" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_facebook" href="https://www.addtoany.com/add_to/facebook?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F11%2Faws-service-disruption-on-october-21-2025-mojoauth-infrastructure-update%2F&linkname=AWS%20Service%20Disruption%20on%20October%2021%2C%202025%20%E2%80%94%20MojoAuth%20Infrastructure%20Update" title="Facebook" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_reddit" href="https://www.addtoany.com/add_to/reddit?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F11%2Faws-service-disruption-on-october-21-2025-mojoauth-infrastructure-update%2F&linkname=AWS%20Service%20Disruption%20on%20October%2021%2C%202025%20%E2%80%94%20MojoAuth%20Infrastructure%20Update" title="Reddit" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_email" href="https://www.addtoany.com/add_to/email?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F11%2Faws-service-disruption-on-october-21-2025-mojoauth-infrastructure-update%2F&linkname=AWS%20Service%20Disruption%20on%20October%2021%2C%202025%20%E2%80%94%20MojoAuth%20Infrastructure%20Update" title="Email" rel="nofollow noopener" target="_blank"></a><a class="a2a_dd addtoany_share_save addtoany_share" href="https://www.addtoany.com/share"></a></div></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://mojoauth.com/blog">MojoAuth - Advanced Authentication &amp; Identity Solutions</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by MojoAuth - Advanced Authentication & Identity Solutions">MojoAuth - Advanced Authentication & Identity Solutions</a>. Read the original post at: <a href="https://mojoauth.com/blog/aws-service-disruption-on-october-21-2025-mojoauth-infrastructure-update">https://mojoauth.com/blog/aws-service-disruption-on-october-21-2025-mojoauth-infrastructure-update</a> </p>