INC219954 :: Intermittent 2SV login errors

Update timeline

1. investigating Apr 14, 2026, 05:30 PM UTC

   Please be advised that members may have intermittent login failures on Retail and Small Business banking. We are actively investigating to identify the root cause and assess the impact. Members using biometric login or unchallenged two-step verification (2SV) are not affected. We are conducting a thorough analysis of the systems involved and working toward resolving the issue. [email protected] - 1.888.889.7878, option 2

2. resolved Apr 14, 2026, 06:16 PM UTC

   The incident has been resolved. We will complete a postmortem, and share these results when available. [email protected] - 1.888.889.7878, option 2

3. postmortem Apr 21, 2026, 09:28 PM UTC

   Postmortem: INC219954 – Intermittent Two‑Step Verification \(2SV\) Login Errors On Monday, April 14 2026, beginning at approximately 12:30 a.m. PT, some credit union customers experienced intermittent login failures when accessing Retail and Small Business Online Banking. The issue persisted until 10:10 a.m. PT, when full service was restored. Customers affected by the issue may have been unable to complete logins requiring Two‑Step Verification \(2SV\). Customers using biometric login or unchallenged 2SV flows were not impacted. Point of Failure: One of the newly added MD Authentication \(MDAuth\) servers entered a degraded state following its routine nightly restart. Although the server appeared operational, it was unable to reliably process 2SV authentication requests, resulting in intermittent login failures for users routed to that server. Under normal circumstances, Dynatrace monitoring alerts the team when an authentication server enters a degraded state. However, this newly added server was configured with an incorrect monitoring mode, preventing expected alerts from triggering. As a result, the server remained in rotation longer than expected while serving failed authentication requests. Resolution: The affected MDAuth server was temporarily removed from the load balancer, immediately stabilizing 2SV login functionality. No further issues were observed following its removal. Corrective Actions: Server Removed from Load Balancer – COMPLETED The affected authentication server was suspended from traffic to restore service stability. Monitoring Configuration Corrected – COMPLETED Dynatrace monitoring has been updated to ensure the server is tracked under the correct monitoring mode and generates alerts for this failure condition. Post‑Deployment Validation Review – COMPLETED Monitoring configuration checks have been reinforced for newly added authentication servers to ensure alerting is active prior to placing them into production rotation. We apologize for the disruption this caused to your operations and your customers. If you have any questions or would like additional detail, please contact Digital Banking Support. Digital Banking Support [digitalbanking\[email protected]](mailto:[email protected]) 1\.888.889.7878 \(press 2\)