Kinde experienced a minor incident on May 26, 2025, lasting —. The incident has been resolved; the full update timeline is below.
Update timeline
- resolved May 26, 2025, 12:25 AM UTC
Type: Incident Duration: 58 minutes Affected Components: Admin area, Custom domains, User export and import, Management API, , SMS delivery, Email delivery, Authentication, New user registration, AU region → May 26, 00:33:53 GMT+0 - Monitoring - We implemented a fix and are currently continuing to monitor. May 26, 00:35:49 GMT+0 - Identified - Some customers are still getting 5xx errors, we are continuing to work on a fix for this incident. May 26, 00:25:33 GMT+0 - Investigating - We are currently investigating this incident. May 26, 01:04:05 GMT+0 - Monitoring - Customer domains are functioning. The team is actively monitoring still. May 26, 01:23:10 GMT+0 - Resolved - Customer domains are back online. The team are actively monitoring all systems still. We experienced a DDoS for approximately 30 minutes and have been working with our cloud providers to mitigate the attack. More information will be provided via customer channels. May 30, 06:14:02 GMT+0 - Postmortem - At 10:15 AEST on 27 May 2025, a DDoS attack targeting Kinde's application endpoints caused timeout errors for customers in the AU region for approximately 45 minutes and intermittently for customers in the US region. The team mitigated the attack by blocking malicious traffic and implementing further anti-DDoS measures. From the period between 10:00 and 11:15, hundreds of millions of requests were blocked. Kinde will continue working with our cloud service and security providers to ensure that customer impact to our services is minimised.