Abnormal Security Status

Resolved: As of 18:33 UTC, Abnormal has fully restored all impacted services. Portal performance has returned to normal levels, and customers can now successfully access threat logs and retrieve threat data through Security Orchestration, Automation and Response integrations without errors. All delayed threat log data has been processed and is now available in customer portals. If customers continue to experience any issues, please contact support at [email protected].

Investigating: Starting at 17:05 UTC, Abnormal began experiencing an issue affecting the display and access of threat log information, as well as slowness in the Abnormal Portal for US customers. Customers may encounter errors when viewing threat logs in the Abnormal portal or accessing threat data through Security Orchestration, Automation and Response integrations. Abnormal's threat detection and email protection services continue to operate normally, and customer security remains intact. The engineering team is actively working to restore full functionality, and the next update will be provided within 60 minutes or when more information becomes available.

Resolved: As of 18:33 UTC, Abnormal has fully restored all impacted services. Portal performance has returned to normal levels, and customers can now successfully access threat logs and retrieve threat data through Security Orchestration, Automation and Response integrations without errors. All delayed threat log data has been processed and is now available in customer portals. If customers continue to experience any issues, please contact support at [email protected].

Investigating: Starting at 17:05 UTC, Abnormal began experiencing an issue affecting the display and access of threat log information, as well as slowness in the Abnormal Portal for US customers. Customers may encounter errors when viewing threat logs in the Abnormal portal or accessing threat data through Security Orchestration, Automation and Response integrations. Abnormal's threat detection and email protection services continue to operate normally, and customer security remains intact. The engineering team is actively working to restore full functionality, and the next update will be provided within 60 minutes or when more information becomes available.

Resolved: As of 18:33 UTC, Abnormal has fully restored all impacted services. Portal performance has returned to normal levels, and customers can now successfully access threat logs and retrieve threat data through Security Orchestration, Automation and Response integrations without errors. All delayed threat log data has been processed and is now available in customer portals. If customers continue to experience any issues, please contact support at [email protected].

Investigating: Starting at 17:05 UTC, Abnormal began experiencing an issue affecting the display and access of threat log information, as well as slowness in the Abnormal Portal for US customers. Customers may encounter errors when viewing threat logs in the Abnormal portal or accessing threat data through Security Orchestration, Automation and Response integrations. Abnormal's threat detection and email protection services continue to operate normally, and customer security remains intact. The engineering team is actively working to restore full functionality, and the next update will be provided within 60 minutes or when more information becomes available.

Resolved: As of 23:40 UTC on January 16, 2026, the Account Takeover event issue affecting FedRAMP customers has been fully resolved. All Account Takeover services are now operating normally. Abnormal's core email protection services remained fully operational throughout this incident and continued to protect against threats. If customers have any questions or concerns, please contact support at [email protected].

Monitoring: Abnormal engineers have restored Account Takeover service for FedRAMP customers and are beginning to see events processing normally. Engineers continue to work towards full service restoration and are monitoring the system closely. The next update will be provided when further information becomes available.

Identified: Abnormal engineers continue to work to fully restore Account Takeover functionality for FedRAMP customers. The next update will be provided when further information becomes available.

Identified: Starting at 20:00 UTC on January 13, Abnormal began experiencing an issue affecting Account Takeover event visibility for Fedramp customers. Abnormal's core email protection services remain fully operational and continue to protect against threats. Abnormal's engineering team is actively working to restore full Account Takeover functionality.

Resolved: Between 16:40 UTC and 17:00 UTC, Abnormal experienced a service degradation with the Abnormal Portal affecting Fedramp customers. During this time, Fedramp users experienced errors when trying to load and navigate the portal, along with delays with pages loading. Remediation and detection services remained fully operational throughout the incident window.