LastPass Account - Users are experiencing login issues and slowness.
Incident Report for LastPass
Postmortem

Root Cause Analysis (RCA)

Summary:

LastPass users experienced slow performance or were unable to log in to LastPass to access their vault. LastPass engineers detected an exponential increase in connections to the LastPass backend database due to a software defect in the planned upgrade of the LastPass Chrome browser extensions. An attempted rollback of the change caused an unintended cascading failure across the customer-facing portions of the LastPass cloud infrastructure due to exceptionally high loads.

Date/Time of Incident:

Issue Start Time (UTC): 06/06/2024 15:17
Issue End Time (UTC): 06/07/2024 00:31
Total Duration: 9 hours 14 minutes

Products Impacted:

  • LastPass Web Vault and Web Browser Extension
  • Federated Login (Microsoft Entra, Okta)
  • LastPass Mobile (iOS Password Manager, Android Password Manager)

Regions Impacted:

  • Americas
  • Asia-Pacific (APAC)
  • Europe, Middle East and Africa (EMEA)

Root Cause:

As part of work being done to refactor the LastPass browser extension for Chrome to align with Google’s new MV3 requirements, we have staggered the delivery of updates to customers. This update to MV3 adds many improvements and wholesale architectural changes from Google which are intended to improve the privacy, security, and performance of extensions.

During the release of this new Chrome browser extension, engineers noticed an exponential increase in connections to the LastPass platform across all tiers, and a subsequent increase in error rates for various APIs.

We ruled out any DoS/DDoS or other security issues unrelated to the update, made the determination that the correlation in timing was sufficiently close to the new extension deployment, and decided to “revert” the extension to remediate any further potential impact.

However, there was an unexpected side effect of this rollback which resulted in even more external requests from browser extensions due to the change.

As such, many thousands of Google Chrome web browsers began downloading the new extension update in a staggered manner. This is not an uncommon occurrence at our scale.

However, as these extensions began to reinitialize and attempted to authenticate, our monitoring systems crossed thresholds indicating that we were experiencing abnormal system scalability issues distributed across our Cloud availability zones as extensions “phoned home.”

During the period of instability, this behavior manifested as slowness reported by customers, while our observability dashboards began indicating threshold increases which ultimately spiked to 60X nominal load. This additional load came from roughly 414,000 Chrome browsers attempting to update (potentially multiple times each), resulting in performance degradation and service unavailability.

Remediation Actions Performed:

LastPass engineers implemented measures to alleviate the load on the system during the issue. It was determined that the most efficient and timely service restoration path was to throttle the pace of inbound requests from clients while also ensuring normalized extension versions and traffic to limit any additional waves of synchronization attempts impacting the site.

Specifically, we completed the following:

  • Temporarily disabled non-critical functions so that LastPass users could once again log in and access their vaults while traffic stabilized. This “emergency mode” was deactivated once performance returned to normal levels.
  • Tuned critical infrastructure components such as our content distribution network, web application firewalls and load balancing tiers which enabled better scaling.
  • Increased our connection limits for our database tier which improved our performance and latency measurements.
  • Introduced several QA and testing improvements as well as the implementation of additional observability and alerting capabilities.
  • We have further improved our baselining and on-demand instance modeling to ensure we can handle out-of-threshold peak bursts more efficiently and effectively.
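
An illustration of the throttling and “emergency mode” measures listed above, as an added example (not LastPass code): a token-bucket admission controller that sheds non-critical routes before they can consume capacity needed for logins. The route names, rates and burst size are assumptions.

```javascript
// Added example: admission control with an "emergency mode".
// Route names, rates and burst size are assumptions, not LastPass values.
const CRITICAL = new Set(["login", "vault"]);

class AdmissionController {
  constructor(ratePerSec, burst) {
    this.rate = ratePerSec; // sustained requests admitted per second
    this.burst = burst;     // bucket capacity
    this.tokens = burst;
    this.last = 0;          // time of last refill (seconds)
    this.emergency = false;
  }

  // Decide one request for `route` arriving at time `now` (seconds).
  admit(route, now) {
    const refill = (now - this.last) * this.rate;
    this.tokens = Math.min(this.burst, this.tokens + refill);
    this.last = now;
    // Emergency mode: shed non-critical work before it can spend a token.
    if (this.emergency && !CRITICAL.has(route)) {
      return { status: 503, retryAfter: 60 };
    }
    if (this.tokens >= 1) {
      this.tokens -= 1;
      return { status: 200, retryAfter: 0 };
    }
    // Tell the client when a token will exist so it does not retry at once.
    return { status: 429, retryAfter: Math.ceil((1 - this.tokens) / this.rate) };
  }
}

// Constructed workload: `clients` extensions reinitialize in the same second;
// each sends one non-critical call followed by one login.
function simulateBurst(clients, emergency) {
  const ac = new AdmissionController(100, 200);
  ac.emergency = emergency;
  const seen = { loginOk: 0, loginThrottled: 0, otherOk: 0, otherShed: 0 };
  for (let i = 0; i < clients; i++) {
    const other = ac.admit("telemetry", 0).status;
    if (other === 200) seen.otherOk++;
    else if (other === 503) seen.otherShed++;
    const login = ac.admit("login", 0).status;
    if (login === 200) seen.loginOk++;
    else seen.loginThrottled++;
  }
  return seen;
}

console.log(simulateBurst(200, false), simulateBurst(200, true));
```

In the constructed burst of 200 clients, normal mode admits only 100 logins because non-critical calls spend half the bucket; emergency mode admits all 200.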

Future Preventative Measures:

We continue to execute additional measures meant to more efficiently detect and protect against these sorts of scenarios:

  • Further revision of our change control and release policies to improve visibility for changes that are high impact for customers.
  • Unrelated to this outage, we have already begun implementation of an additional resilient Cloud region to further distribute traffic.
Posted Jun 13, 2024 - 16:32 UTC

Resolved
We have confirmed that the issue has been resolved completely and all systems are 100% operational at this time. We have conducted an internal investigation of this issue and have performed remediation actions and future preventative measures to help prevent future recurrence, which you can find on our status page by selecting this incident. If you would like any additional information or are having any issues, please contact our support team at https://support.lastpass.com/s/contact-us
Posted Jun 13, 2024 - 16:31 UTC
Update
LastPass performance continues to be stable and fully operational. We will continue to actively monitor the service throughout the weekend before setting this incident to 'resolved' status
Posted Jun 07, 2024 - 19:16 UTC
Update
LastPass performance continues to be stable and fully operational. We will continue to actively monitor the service throughout the weekend before setting this incident to 'resolved' status
Posted Jun 07, 2024 - 16:37 UTC
Monitoring
Performance is returning to normal levels and we are continuing to monitor systems on our end.
Posted Jun 07, 2024 - 01:19 UTC
Identified
We are continuing to work on a fix for this issue.
Posted Jun 07, 2024 - 01:18 UTC
Update
Performance is returning to normal levels and we are continuing to monitor systems on our end.
Posted Jun 07, 2024 - 01:17 UTC
Monitoring
Performance is returning to normal levels and we are continuing to monitor systems on our end.
Posted Jun 07, 2024 - 00:47 UTC
Update
Our engineers have identified that an update to our chrome browser extension earlier today inadvertently caused load issues on our backend infrastructure. We are working hard to address the issue and are actively working towards a resolution.
Posted Jun 07, 2024 - 00:34 UTC
Update
Our engineers have identified that an update to our chrome browser extension earlier today inadvertently caused load issues on our backend infrastructure. We are working hard to address the issue and are actively working towards a resolution.
Posted Jun 07, 2024 - 00:03 UTC
Update
Our engineers have identified that an update to our chrome browser extension earlier today inadvertently caused load issues on our backend infrastructure. We are working hard to address the issue and are actively working towards a resolution.
Posted Jun 06, 2024 - 23:29 UTC
Update
Our engineers have identified that an update to our chrome browser extension earlier today inadvertently caused load issues on our backend infrastructure. We are working hard to address the issue and are actively working towards a resolution.
Posted Jun 06, 2024 - 22:56 UTC
Update
Our engineers have identified that an update to our chrome browser extension earlier today inadvertently caused load issues on our backend infrastructure. We are working hard to address the issue and are actively working towards a resolution.
Posted Jun 06, 2024 - 22:25 UTC
Update
We are continuing to work on a fix for this issue.
Posted Jun 06, 2024 - 22:17 UTC
Update
We are continuing to work on a fix for this issue.
Posted Jun 06, 2024 - 21:38 UTC
Update
We are continuing to work on a fix for this issue.
Posted Jun 06, 2024 - 21:00 UTC
Update
We are continuing to work on a fix for this issue.
Posted Jun 06, 2024 - 20:31 UTC
Update
We are continuing to work on a fix for this issue.
Posted Jun 06, 2024 - 19:33 UTC
Update
We are continuing to work on a fix for this issue.
Posted Jun 06, 2024 - 19:02 UTC
Update
We are continuing to work on a fix for this issue.
Posted Jun 06, 2024 - 18:28 UTC
Update
We are continuing to work on a fix for this issue.
Posted Jun 06, 2024 - 18:19 UTC
Update
We are continuing to work on a fix for this issue.
Posted Jun 06, 2024 - 18:17 UTC
Identified
Our engineers believe they have identified the issue and are now actively working towards a resolution.

We will provide another update shortly.
Posted Jun 06, 2024 - 18:06 UTC
Update
We are continuing to investigate this issue.
Posted Jun 06, 2024 - 17:33 UTC
Investigating
We are actively investigating reports that customers may be experiencing issues with account log in and slowness. Users may get timeout errors upon login.

Our engineers are working to resolve the issue and will provide another update shortly.
Posted Jun 06, 2024 - 17:00 UTC
This incident affected: LastPass - Australia, LastPass - United States, LastPass - Europe, Vault, Federated Login (Microsoft Entra, Okta), Login (EU, US), and Mobile (iOS Password Manager, Android Password Manager).