Date: 2022-08-09
Date of Incident: 2022-08-04
Description: RCA for PUSH MFA Degradation
Summary:
At approximately 15:45 MDT on 2022-08-04, some JumpCloud customers experienced failures authenticating using JumpCloud Protect Mobil Push. Users that had multiple MFA configurations enabled were able to authenticate successfully using a secondary option. This degradation of service lasted until approximately 17:20 MDT on 2022-08-04.
Root Cause:
A latent misconfiguration in our notification (authentication-api) service was inadvertently exposed during a migration of our infrastructure configuration management software. This configuration caused the container health checks to fail, and not allow this service to start properly.
Corrective Actions / Risk Mitigation: