Abnormal Security incident

Account Takeover Service Degradation - Fedramp

Major Resolved View vendor source →

Abnormal Security experienced a major incident on January 15, 2026 affecting Account Take Over (ATO)(Fedramp), lasting 3h 26m. The incident has been resolved; the full update timeline is below.

Started
Jan 15, 2026, 08:39 PM UTC
Resolved
Jan 16, 2026, 12:05 AM UTC
Duration
3h 26m
Detected by Pingoru
Jan 15, 2026, 08:39 PM UTC

Affected components

Account Take Over (ATO)(Fedramp)

Update timeline

  1. identified Jan 15, 2026, 08:39 PM UTC

    Starting at 20:00 UTC on January 13, Abnormal began experiencing an issue affecting Account Takeover event visibility for Fedramp customers. Abnormal's core email protection services remain fully operational and continue to protect against threats. Abnormal's engineering team is actively working to restore full Account Takeover functionality.

  2. identified Jan 15, 2026, 09:40 PM UTC

    Abnormal engineers continue to work to fully restore Account Takeover functionality for FedRAMP customers. The next update will be provided when further information becomes available.

  3. monitoring Jan 15, 2026, 11:37 PM UTC

    Abnormal engineers have restored Account Takeover service for FedRAMP customers and are beginning to see events processing normally. Engineers continue to work towards full service restoration and are monitoring the system closely. The next update will be provided when further information becomes available.

  4. resolved Jan 16, 2026, 12:05 AM UTC

    As of 23:40 UTC on January 16, 2026, the Account Takeover event issue affecting FedRAMP customers has been fully resolved. All Account Takeover services are now operating normally. Abnormal's core email protection services remained fully operational throughout this incident and continued to protect against threats. If customers have any questions or concerns, please contact support at [email protected].