Breach Secure Now! incident

Catch Phish Loading Issue

Minor Resolved View vendor source →

Breach Secure Now! experienced a minor incident on February 25, 2025 affecting Catch Phish, lasting 168d 19h. The incident has been resolved; the full update timeline is below.

Started
Feb 25, 2025, 05:41 PM UTC
Resolved
Aug 13, 2025, 01:11 PM UTC
Duration
168d 19h
Detected by Pingoru
Feb 25, 2025, 05:41 PM UTC

Affected components

Catch Phish

Update timeline

  1. identified Feb 25, 2025, 05:41 PM UTC

    An issue has been identified with the Catch Phish Email Plug-in not loading for some users. The cause of this issue has been linked to an update made by Microsoft which turns off all legacy Exchange user identity and callback tokens by default for Exchange Online tenants, encouraging the adoption of Nested App Authentication (NAA). This change affects Outlook add-ins that rely on these tokens, potentially impacting their functionality. Administrators can temporarily turn legacy tokens back on, but Microsoft will permanently disable them for all tenants by June 2025. We are working to ensure the smooth operation of Catch Phish while looking into options for the future. Thank you for your patience.

  2. monitoring Mar 05, 2025, 04:35 PM UTC

    A temporary fix has been discovered for the issue preventing Catch Phish from loading for some users. Once legacy tokens are enabled and Outlook is restarted, Catch Phish should function normally again. A link to the instructions for turning on legacy Exchange Online tokens and re-enabling Outlook add-ins is included below. Our team is currently working on a permanent fix. If you have any additional questions, please reach out to our Support team for assistance. Thank you for your patience and understanding. https://learn.microsoft.com/en-us/office/dev/add-ins/outlook/turn-exchange-tokens-on-off#connect-to-exchange-online-powershell

  3. monitoring May 06, 2025, 05:55 PM UTC

    We’re in the final stages of testing a permanent fix for the issue preventing Catch Phish from loading for some users. Our team has been working diligently to ensure the upcoming solution is compatible with Microsoft’s evolving requirements. We expect to roll out the fix shortly. Thank you for your continued patience and partnership. We’ll provide another update as soon as the fix is live.

  4. monitoring May 19, 2025, 09:32 PM UTC

    The permanent fix for the Catch Phish Email Plug-in issue is now available. Our team has completed testing and confirmed that the solution resolves the loading issue caused by Microsoft’s recent changes. Applying the fix requires removing the existing version of Catch Phish and re-deploying the updated version. Our Support team will be reaching out to those who have previously opened a ticket related to this issue. For those who have not opened a support ticket but would like detailed instructions on how to implement the permanent fix, please contact our Support team at [email protected]. Thank you for your patience and continued support as we worked toward a long-term solution.

  5. resolved Aug 13, 2025, 01:11 PM UTC

    This incident has been resolved.