Temporary Service Disruption Due to External Cloud Provider Issue

Incident Report for LastPass

Postmortem

Summary
On Oct 20th, 2025, an outage experienced by a LastPass cloud provider impacted multiple LastPass services. Complete service degradation began approximately 2.5 hours after the cloud provider outage, and a decision to fail over to our disaster recovery region was made to avoid increased customer impact. Because this cloud provider is also used by several third-party vendors, our status page updates and support phone lines were also impacted. This resulted in limited customer awareness of the outage and from allowing them to engage with LastPass Support.

Date
Issue Start Time (UTC): 20/10/2025 09:25 UTC
Issue End Time (UTC): 20/10/2025 11:36 UTC

Products Impacted
All LastPass services
Support phone lines
LastPass Status Page

Root-Cause
A major third-party vendor outage affected LastPass resources deployed in our primary cloud provider. To mitigate the customer's impact, LastPass engineers executed a failover to our disaster recovery region and were able to return to normal operations. LastPass executed a failover back to our primary cloud region once we had determined our cloud provided had recovered fully in that region.

Incident timeline:
• 09:25AM UTC 20/10/2025 - Outage is identified via alerts
• 09:26AM UTC 20/10/2025 - Active monitoring by engineers of LastPass services availability and operability starts
• 10:49AM UTC 20/10/2025 - Degradation of some LastPass services (SSO, DWM and UAC) as well as external third-party vendors is identified
• 10:49AM UTC 20/10/2025 - Investigation of the LastPass service degradation begins
• 11:03AM UTC 20/10/2025 - Failover to DR region
• 11:11AM UTC 20/10/2025 - Validation on services functionality starts
• 11:41AM UTC 20/12/2025 - Incident is mitigated following cloud provider recovery
• 10:00AM UTC 22/10/2025 - Failback to primary cloud region

Future Preventative Measures
• Implement additional failover cloud region resilience
• Improve our monitoring to identify vendor issues and perform subsequent response actions sooner
• Document and test Business Continuity Plan for Incident Response Tooling

‌

Related issues
N/A

Posted Oct 27, 2025 - 17:30 UTC

Resolved

This incident has been resolved.

Posted Oct 20, 2025 - 13:25 UTC

Update

All of our services are now running and operational. However, we are closely monitoring the situation, as some of our external providers who were also affected by this incident are still in the process of recovery.

We’re keeping a close eye on our integrations to ensure continued stability and prevent further disruptions.

Posted Oct 20, 2025 - 11:12 UTC

Monitoring

Most services have now been restored and are operational, including our phone lines. We continue to monitor the situation closely to ensure full stability.

Posted Oct 20, 2025 - 10:41 UTC

Investigating

We’re currently experiencing service degradation due to an issue with our external cloud provider, this has also impacted our phone lines. For support, please reach out through our Support Center. Our team is actively working to resolve the issue and minimize the impact.

Posted Oct 20, 2025 - 09:57 UTC

This incident affected: LastPass - Australia, LastPass - United States, LastPass - Europe, Admin Console, Commerce System, Dark Web Monitoring, LastPass Marketing Website, LastPass Support Site, Vault, Federated Login (Microsoft Entra, Okta, Google Workspace, Ping One, Ping Federate, OneLogin, ADFS), Integrations (SIEM Azure Sentinel, SIEM Splunk, PSA, SSO), Login (MFA, EU, US, Other), and Mobile (iOS Authenticator, Android Authenticator, iOS Password Manager, Android Password Manager).