A fix has been deployed and we are now monitoring the results.

This incident has been resolved.

This incident has been resolved.

This incident has been resolved.

Incident Postmortem - Login and Sync Issues

Date of Incident: 2026-04-27
Time of Incident (UTC): 14:15 - 15:41
Service(s) Affected: All web APIs
Impact Duration: Approximately 86 minutes

Summary

On April 27, 2026, 1Password.com experienced a period of elevated error and full service unavailability in our USA/Global region. A defect deployed in application scaling logic caused a cascading failure during peak usage. This resulted in a period of service unavailability for customers in the USA/Global region.

This was not a security incident, and there was no loss of data.

Impact on Customers

• Sign-in and account access: Customers in the USA/Global region experienced errors or were unable to sign in or access their 1Password accounts between approximately 14:15 and 15:41 UTC on April 27, 2026.
• All 1Password clients: The disruption applied to all client types, including the web app, CLI, browser extensions, and desktop and mobile applications, for customers connecting through the USA/Global region.
• Geographic regions affected: Only customers on the USA/Global region were affected. Other regions were not impacted.

What Happened?

We deployed a change to how our services signal their readiness to serve requests, which contained a latent defect.

• Timeline of events:

  • 2026-04-27 14:15 UTC - Load increase triggers issues.
  • 2026-04-27 14:29 UTC - Incident declared; response team mobilized.
  • 2026-04-27 15:41 UTC - Issue identified and fix deployed.
  • 2026-04-28 18:06 UTC - Incident formally resolved following monitoring.

How Was It Resolved?

Our on-call engineering team identified the scaling logic as the cause of the cascading failure and disabled it via a configuration change. Once disabled, capacity was restored, and traffic recovered. A subsequent configuration change was made to prevent this logic from being re-enabled in production environments.

What We Are Doing to Prevent Future Incidents

• Immediate fix: We disabled the defective health check logic and locked the configuration to prevent it from being re-enabled in production.
• Retrospective: We are conducting a full retrospective with the incident responders to identify further improvements to our systems and our response processes.

Next Steps and Communication

• No action is required from our customers at this time.

We are committed to providing a reliable and stable service, and we are taking the necessary steps to learn from this event and prevent it from happening again. Thank you for your patience and understanding.

Sincerely,

The 1Password Team

This incident has been resolved.

2026-04-14 SEV1 Incident Postmortem - Hosted Service in the US experiencing high latency and errors

Incident Postmortem - Elevated Application Error

Date of Incident: 2026-04-14
Time of Incident (UTC): 17:25 - 18:00
Service(s) Affected: Sign in, Admin console
Impact Duration: Approximately 35 minutes

Summary

On April 14, 2026, 1Password.com experienced elevated error rates due to an increase in traffic to our USA/Global infrastructure. Requests arrived more quickly than they could be serviced in our USA/global region. Customers experienced errors and high latency.

This was not a security incident, and there was no loss of data.

Impact on Customers

• Sign-in and account access: Some customers in the USA/Global region experienced errors when attempting to sign in or access their 1Password accounts between 17:25 and 18:00 UTC on April 14, 2026.
• All 1Password clients: The disruption applied to all client types, including the web app, browser extensions, and desktop and mobile applications, for customers connecting through the USA/Global region.
• Number of affected requests: Approximately 2.95% of requests over the incident window to 1Password.com (USA/Global) during the incident window resulted in errors or timeouts, though for some brief spikes up to 45% of requests failed.
• Geographic regions affected: Customers on our USA/Global only, other regions were not affected.

What Happened?

An unusually high volume of traffic exceeded the capacity of our controls, and triggered latency and errors in the underlying applications.

• Timeline of events:

  • 2026-04-14 17:25 - Start of incident.
  • 2026-04-14 17:36 - Issue identified.
  • 2026-04-14 17:51 - Fix implemented.
  • 2026-04-14 18:01 - Recovery complete.

• Root cause analysis: An increase in traffic exceeded the capacity of our traffic management layer, causing degraded service for customers in the USA/Global region.

How Was It Resolved?

• Established runbooks for load shedding and system upgrades mitigated the issue.

What We Are Doing to Prevent Future Incidents

• Resolution: We made two key changes to prevent recurrence:

  1. Increased capacity of internal systems
  2. Upgraded traffic controls at the network edge

• Verification: Since implementing these changes, we have observed several additional instances of unusually high traffic matching this incident. In each case, the new controls handled the traffic automatically with no impact to customers or our systems.

Next Steps and Communication

• No action is required from our customers at this time.

We are committed to providing a reliable and stable service, and we are taking the necessary steps to learn from this event and prevent it from happening again. Thank you for your understanding.

Sincerely,

The 1Password Team

This incident has been resolved.

This incident has been resolved.

A fix has been deployed and this issue is now resolved.