Abnormal Security Status

Resolved: As of 18:33 UTC, Abnormal has fully restored all impacted services. Portal performance has returned to normal levels, and customers can now successfully access threat logs and retrieve threat data through Security Orchestration, Automation and Response integrations without errors. All delayed threat log data has been processed and is now available in customer portals. If customers continue to experience any issues, please contact support at [email protected].

Investigating: Starting at 17:05 UTC, Abnormal began experiencing an issue affecting the display and access of threat log information, as well as slowness in the Abnormal Portal for US customers. Customers may encounter errors when viewing threat logs in the Abnormal portal or accessing threat data through Security Orchestration, Automation and Response integrations. Abnormal's threat detection and email protection services continue to operate normally, and customer security remains intact. The engineering team is actively working to restore full functionality, and the next update will be provided within 60 minutes or when more information becomes available.

Resolved: As of 03:30 UTC on January 23, Abnormal's Inbound Email Security services have fully recovered from the processing delays due to the widespread Microsoft outage. Microsoft has confirmed that they have fully resolved the infrastructure issue that was impacting multiple services globally. All email processing has returned to normal performance levels. If you experience any further issues or need assistance, please reach out to Abnormal's support team at [email protected].

Monitoring: Microsoft has reported high confidence that the incident affecting Abnormal's Inbound Email Security service is largely resolved. Microsoft has confirmed that access to Microsoft Defender for Office, Microsoft Purview, and DNS functionality has been restored, and Exchange Online mail flow remains stable. Abnormal engineers will continue to monitor service health overnight. The next update will be be provided around 16:00 UTC.

Monitoring: Abnormal is beginning to see early signs of recovery. The full recovery remains dependent on Microsoft completing their infrastructure restoration efforts. Our engineers continue to monitor the ongoing Microsoft issue impacting email processing. The next update will be provided when service is fully restored, or when Microsoft shares further information.

Identified: Microsoft has reported that during their ongoing recovery efforts for the outage that began affecting Abnormal's email services, they introduced a configuration change intended to expedite recovery. However, this change has temporarily created additional processing delays for some customers. The next update will be provided when Microsoft provides further information, or when services start to recover.

Identified: Microsoft has reported that while they have restored their affected infrastructure to a healthy state, additional load balancing is required to mitigate persistent impact from the earlier outage that began at 19:00 UTC. Microsoft has identified and is implementing additional actions to direct requests and traffic to additional healthy sections of infrastructure to achieve sustained recovery. Abnormal continues to monitor the situation closely and customers may still experience delays in email processing as Microsoft completes their recovery efforts.

Identified: Starting at 19:00 UTC, Abnormal began experiencing an issue processing emails for Inbound Email Security for US customers due to a widespread Microsoft outage. Abnormal engineers are working with Microsoft to restore email security. The next update will be provided in 60 minutes or when further information is available.

For more information on this outage, please see Microsoft's Status Page: https://status.cloud.microsoft/m365/referrer=serviceStatusRedirect

Resolved: As of 18:33 UTC, Abnormal has fully restored all impacted services. Portal performance has returned to normal levels, and customers can now successfully access threat logs and retrieve threat data through Security Orchestration, Automation and Response integrations without errors. All delayed threat log data has been processed and is now available in customer portals. If customers continue to experience any issues, please contact support at [email protected].

Investigating: Starting at 17:05 UTC, Abnormal began experiencing an issue affecting the display and access of threat log information, as well as slowness in the Abnormal Portal for US customers. Customers may encounter errors when viewing threat logs in the Abnormal portal or accessing threat data through Security Orchestration, Automation and Response integrations. Abnormal's threat detection and email protection services continue to operate normally, and customer security remains intact. The engineering team is actively working to restore full functionality, and the next update will be provided within 60 minutes or when more information becomes available.

Resolved: As of 18:33 UTC, Abnormal has fully restored all impacted services. Portal performance has returned to normal levels, and customers can now successfully access threat logs and retrieve threat data through Security Orchestration, Automation and Response integrations without errors. All delayed threat log data has been processed and is now available in customer portals. If customers continue to experience any issues, please contact support at [email protected].

Investigating: Starting at 17:05 UTC, Abnormal began experiencing an issue affecting the display and access of threat log information, as well as slowness in the Abnormal Portal for US customers. Customers may encounter errors when viewing threat logs in the Abnormal portal or accessing threat data through Security Orchestration, Automation and Response integrations. Abnormal's threat detection and email protection services continue to operate normally, and customer security remains intact. The engineering team is actively working to restore full functionality, and the next update will be provided within 60 minutes or when more information becomes available.