Yoti incident

INC-3723 (P1 - High Priority)

Critical Resolved View vendor source →

Yoti experienced a critical incident on May 10, 2026 affecting Digital ID and Identity verification and 1 more component, lasting 1d 19h. The incident has been resolved; the full update timeline is below.

Started
May 10, 2026, 08:12 PM UTC
Resolved
May 12, 2026, 03:54 PM UTC
Duration
1d 19h
Detected by Pingoru
May 10, 2026, 08:12 PM UTC

Affected components

Digital IDIdentity verificationIdentity verificationAge verificationIdentity verification portalAge estimationAge verificationAge estimationeSignaturesYoti Hub

Update timeline

  1. investigating May 10, 2026, 08:12 PM UTC

    We are experiencing issues with all our services.

  2. investigating May 10, 2026, 08:41 PM UTC

    we are still experiencing issues with all Yoti services.

  3. investigating May 10, 2026, 09:11 PM UTC

    we are still experiencing issues with all Yoti services.

  4. investigating May 10, 2026, 09:42 PM UTC

    we are still experiencing issues with all Yoti services.

  5. investigating May 10, 2026, 10:14 PM UTC

    we are still experiencing issues with all Yoti services.

  6. investigating May 10, 2026, 10:43 PM UTC

    we are still experiencing issues with all Yoti services.

  7. investigating May 10, 2026, 11:15 PM UTC

    We are experiencing issues with all our services.

  8. investigating May 10, 2026, 11:41 PM UTC

    we are still experiencing issues with all Yoti services.

  9. investigating May 11, 2026, 12:11 AM UTC

    we are still experiencing issues with all Yoti services.

  10. identified May 11, 2026, 12:20 AM UTC

    Service restoration is currently underway for most users. We appreciate your patience as we finalise the fix.

  11. identified May 11, 2026, 12:49 AM UTC

    Service restoration is currently underway for most users. We appreciate your patience as we finalize the fix.

  12. identified May 11, 2026, 01:19 AM UTC

    Service restoration is currently underway for most users. We appreciate your patience as we finalize the fix.

  13. identified May 11, 2026, 02:14 AM UTC

    Service restoration is currently underway for most users. We appreciate your patience as we finalise the fix.

  14. identified May 11, 2026, 02:40 AM UTC

    We are aware of an ongoing network-level incident affecting service availability for some customers. Mitigations have been applied and service has been substantially restored, however residual impact may still be observed in the form of intermittent timeouts or degraded performance.

  15. identified May 11, 2026, 03:10 AM UTC

    We are aware of an ongoing network-level incident affecting service availability for some customers. Mitigations have been applied and service has been substantially restored, however residual impact may still be observed in the form of intermittent timeouts or degraded performance.

  16. identified May 11, 2026, 03:40 AM UTC

    We are aware of an ongoing network-level incident affecting service availability for some customers. Mitigations have been applied and service has been substantially restored, however residual impact may still be observed in the form of intermittent timeouts or degraded performance.

  17. identified May 11, 2026, 04:10 AM UTC

    We are aware of an ongoing network-level incident affecting service availability for some customers. Mitigations have been applied and service has been substantially restored, however residual impact may still be observed in the form of intermittent timeouts or degraded performance.

  18. identified May 11, 2026, 04:40 AM UTC

    We are aware of an ongoing network-level incident affecting service availability for some customers. Mitigations have been applied and service has been substantially restored, however residual impact may still be observed in the form of intermittent timeouts or degraded performance.

  19. identified May 11, 2026, 05:10 AM UTC

    We are aware of an ongoing network-level incident affecting service availability for some customers. Mitigations have been applied and service has been substantially restored, however residual impact may still be observed in the form of intermittent timeouts or degraded performance.

  20. identified May 11, 2026, 05:40 AM UTC

    We are aware of an ongoing network-level incident affecting service availability for some customers. Mitigations have been applied and service has been substantially restored, however residual impact may still be observed in the form of intermittent timeouts or degraded performance.

  21. identified May 11, 2026, 06:11 AM UTC

    We are aware of an ongoing network-level incident affecting service availability for some customers. Mitigations have been applied and service has been substantially restored, however residual impact may still be observed in the form of intermittent timeouts or degraded performance.

  22. identified May 11, 2026, 06:40 AM UTC

    We are aware of an ongoing network-level incident affecting service availability for some customers. Mitigations have been applied and service has been substantially restored, however residual impact may still be observed in the form of intermittent timeouts or degraded performance.

  23. identified May 11, 2026, 07:10 AM UTC

    We are aware of an ongoing network-level incident affecting service availability for some customers. Mitigations have been applied and service has been substantially restored, however residual impact may still be observed in the form of intermittent timeouts or degraded performance.

  24. identified May 11, 2026, 07:39 AM UTC

    We are aware of an ongoing network-level incident affecting service availability for some customers. Mitigations have been applied and service has been substantially restored, however residual impact may still be observed in the form of intermittent timeouts or degraded performance.

  25. identified May 11, 2026, 08:10 AM UTC

    We are aware of an ongoing network-level incident affecting service availability for some customers. Mitigations have been applied and service has been substantially restored, however residual impact may still be observed in the form of intermittent timeouts or degraded performance.

  26. identified May 11, 2026, 08:40 AM UTC

    We are aware of an ongoing network-level incident affecting service availability for some customers. Mitigations have been applied and service has been substantially restored, however residual impact may still be observed in the form of intermittent timeouts or degraded performance.

  27. identified May 11, 2026, 09:07 AM UTC

    Last night, Yoti experienced a targeted and sustained DDoS (denial of service) attack which impacted availability across parts of the Yoti platform. Our security and engineering teams responded immediately and are working to restore all services. We continue to monitor closely and will keep you informed of any further developments on this page

  28. identified May 11, 2026, 09:40 AM UTC

    Last night, Yoti experienced a targeted and sustained DDoS (denial of service) attack which impacted availability across parts of the Yoti platform. Our security and engineering teams responded immediately and are working to restore all services. We continue to monitor closely and will keep you informed of any further developments on this page

  29. identified May 11, 2026, 10:10 AM UTC

    Last night, Yoti experienced a targeted and sustained DDoS (denial of service) attack which impacted availability across parts of the Yoti platform. Our security and engineering teams responded immediately and are working to restore all services. We continue to monitor closely and will keep you informed of any further developments on this page.

  30. identified May 11, 2026, 10:56 AM UTC

    Last night, Yoti experienced a targeted and sustained DDoS (denial of service) attack which impacted availability across parts of the Yoti platform. Our security and engineering teams responded immediately and are working to restore all services. We continue to monitor closely and will keep you informed of any further developments on this page.

  31. identified May 11, 2026, 11:26 AM UTC

    Last night, Yoti experienced a targeted and sustained DDoS (denial of service) attack which impacted availability across parts of the Yoti platform. Our security and engineering teams responded immediately and are working to restore all services. We continue to monitor closely and will keep you informed of any further developments on this page.

  32. identified May 11, 2026, 11:56 AM UTC

    Last night, Yoti experienced a targeted and sustained DDoS (denial of service) attack which impacted availability across parts of the Yoti platform. Our security and engineering teams responded immediately and are working to restore all services. We continue to monitor closely and will keep you informed of any further developments on this page.

  33. identified May 11, 2026, 12:26 PM UTC

    Last night, Yoti experienced a targeted and sustained DDoS (denial of service) attack which impacted availability across parts of the Yoti platform. Our security and engineering teams responded immediately and are working to restore all services. We continue to monitor closely and will keep you informed of any further developments on this page.

  34. identified May 11, 2026, 12:56 PM UTC

    We are still experiencing a targeted and sustained DDoS (Denial of Service) attack which has impacted availability of parts of the Yoti platform. Our security and engineering teams are continuing to work on restoring all services and will keep you informed of further developments on this page.

  35. identified May 11, 2026, 01:26 PM UTC

    We are still experiencing a targeted and sustained DDoS (Denial of Service) attack which has impacted availability of parts of the Yoti platform. Our security and engineering teams are continuing to work on restoring all services and will keep you informed of further developments on this page.

  36. identified May 11, 2026, 01:56 PM UTC

    We are still experiencing a targeted and sustained DDoS (Denial of Service) attack which has impacted availability of parts of the Yoti platform. Our security and engineering teams are continuing to work on restoring all services and will keep you informed of further developments on this page.

  37. identified May 11, 2026, 02:26 PM UTC

    We are still experiencing a targeted and sustained DDoS (Denial of Service) attack which has impacted availability of parts of the Yoti platform. Our security and engineering teams are continuing to work on restoring all services and will keep you informed of further developments on this page.

  38. identified May 11, 2026, 02:56 PM UTC

    We are still experiencing a targeted and sustained DDoS (Denial of Service) attack which has impacted availability of parts of the Yoti platform. Our security and engineering teams are continuing to work on restoring all services and will keep you informed of further developments on this page.

  39. identified May 11, 2026, 03:26 PM UTC

    We are still experiencing a targeted and sustained DDoS (Denial of Service) attack which has impacted availability of parts of the Yoti platform. Our security and engineering teams are continuing to work on restoring all services and will keep you informed of further developments on this page.

  40. identified May 11, 2026, 03:56 PM UTC

    We are still experiencing a targeted and sustained DDoS (Denial of Service) attack which has impacted availability of parts of the Yoti platform. Our security and engineering teams are continuing to work on restoring all services and will keep you informed of further developments on this page.

  41. identified May 11, 2026, 04:26 PM UTC

    We are still experiencing a targeted and sustained DDoS (Denial of Service) attack which has impacted availability of parts of the Yoti platform. Our security and engineering teams are continuing to work on restoring all services and will keep you informed of further developments on this page.

  42. identified May 11, 2026, 04:55 PM UTC

    We are still experiencing a targeted and sustained DDoS (Denial of Service) attack which has impacted availability of parts of the Yoti platform. Our security and engineering teams are continuing to work on restoring all services and will keep you informed of further developments on this page.

  43. identified May 11, 2026, 05:22 PM UTC

    A targeted and sustained DDoS (Denial of Service) attack continues to affect the Yoti platform. Our security and engineering teams are working alongside our anti DDoS provider to restore services. We are starting to see an improvement in some services and will continue to update this page as soon as we have more information. We would like to assure all our customers that this is a Denial of Service attack and all customer data remains secure.

  44. identified May 11, 2026, 05:53 PM UTC

    A targeted and sustained DDoS (Denial of Service) attack continues to affect the Yoti platform. Our security and engineering teams are working alongside our anti DDoS provider to restore services. We are starting to see an improvement in some services and will continue to update this page as soon as we have more information. While this is causing some connection issues, please be mindful that all user data is safe and unaffected.

  45. identified May 11, 2026, 06:23 PM UTC

    A targeted and sustained DDoS (Denial of Service) attack continues to affect the Yoti platform. Our security and engineering teams are working alongside our anti DDoS provider to restore services. We are starting to see an improvement in some services and will continue to update this page as soon as we have more information. While this is causing some connection issues, please be mindful that all user data is safe and unaffected.

  46. identified May 11, 2026, 06:53 PM UTC

    A targeted and sustained DDoS (Denial of Service) attack continues to affect the Yoti platform. Our security and engineering teams are working alongside our anti DDoS provider to restore services. We are starting to see an improvement in some services and will continue to update this page as soon as we have more information. While this is causing some connection issues, please be mindful that all user data is safe and unaffected.

  47. identified May 11, 2026, 07:24 PM UTC

    A targeted and sustained DDoS (Denial of Service) attack continues to affect the Yoti platform. Our security and engineering teams are working alongside our anti DDoS provider to restore services. We are starting to see an improvement in some services and will continue to update this page as soon as we have more information. While this is causing some connection issues, please be mindful that all user data is safe and unaffected.

  48. identified May 11, 2026, 07:54 PM UTC

    A targeted and sustained DDoS (Denial of Service) attack continues to affect the Yoti platform. Our security and engineering teams are working alongside our anti DDoS provider to restore services. We are starting to see an improvement in some services and will continue to update this page as soon as we have more information. While this is causing some connection issues, please be mindful that all user data is safe and unaffected.

  49. identified May 11, 2026, 08:25 PM UTC

    A targeted and sustained DDoS (Denial of Service) attack continues to affect the Yoti platform. Our security and engineering teams are working alongside our anti DDoS provider to restore services. We are starting to see an improvement in some services and will continue to update this page as soon as we have more information. While this is causing some connection issues, please be mindful that all user data is safe and unaffected.

  50. identified May 11, 2026, 08:54 PM UTC

    A targeted and sustained DDoS (Denial of Service) attack continues to affect the Yoti platform. Our security and engineering teams are working alongside our anti DDoS provider to restore services. We are starting to see an improvement in some services and will continue to update this page as soon as we have more information. While this is causing some connection issues, please be mindful that all user data is safe and unaffected.

  51. identified May 11, 2026, 09:24 PM UTC

    A targeted and sustained DDoS (Denial of Service) attack continues to affect the Yoti platform. Our security and engineering teams are working alongside our anti DDoS provider to restore services. We are starting to see an improvement in some services and will continue to update this page as soon as we have more information. While this is causing some connection issues, please be mindful that all user data is safe and unaffected.

  52. identified May 11, 2026, 10:08 PM UTC

    A targeted and sustained DDoS (Denial of Service) attack continues to affect the Yoti platform. Our security and engineering teams are working alongside our anti DDoS provider to restore services. We are starting to see an improvement in some services and will continue to update this page as soon as we have more information. While this is causing some connection issues, please be mindful that all user data is safe and unaffected.

  53. identified May 11, 2026, 10:24 PM UTC

    A targeted and sustained DDoS (Denial of Service) attack continues to affect the Yoti platform. Our security and engineering teams are working alongside our anti DDoS provider to restore services. We are starting to see an improvement in some services and will continue to update this page as soon as we have more information. While this is causing some connection issues, please be mindful that all user data is safe and unaffected.

  54. identified May 11, 2026, 10:54 PM UTC

    A targeted and sustained DDoS (Denial of Service) attack continues to affect the Yoti platform. Our security and engineering teams are working alongside our anti DDoS provider to restore services. We are starting to see an improvement in some services and will continue to update this page as soon as we have more information. While this is causing some connection issues, please be mindful that all user data is safe and unaffected.

  55. identified May 11, 2026, 11:26 PM UTC

    A targeted and sustained DDoS (Denial of Service) attack continues to affect the Yoti platform. Our security and engineering teams are working alongside our anti DDoS provider to restore services. We are starting to see an improvement in some services and will continue to update this page as soon as we have more information. While this is causing some connection issues, please be mindful that all user data is safe and unaffected.

  56. identified May 12, 2026, 12:04 AM UTC

    A targeted and sustained DDoS (Denial of Service) attack continues to affect the Yoti platform. Our security and engineering teams are working alongside our anti DDoS provider to restore services. We are starting to see an improvement in some services and will continue to update this page as soon as we have more information. While this is causing some connection issues, please be mindful that all user data is safe and unaffected.

  57. identified May 12, 2026, 12:30 AM UTC

    A targeted and sustained DDoS (Denial of Service) attack continues to affect the Yoti platform. Our security and engineering teams are working alongside our anti DDoS provider to restore services. We are starting to see an improvement in some services and will continue to update this page as soon as we have more information. While this is causing some connection issues, please be mindful that all user data is safe and unaffected.

  58. identified May 12, 2026, 01:00 AM UTC

    A targeted and sustained DDoS (Denial of Service) attack continues to affect the Yoti platform. Our security and engineering teams are working alongside our anti DDoS provider to restore services. We are starting to see an improvement in some services and will continue to update this page as soon as we have more information. While this is causing some connection issues, please be mindful that all user data is safe and unaffected.

  59. identified May 12, 2026, 01:30 AM UTC

    A targeted and sustained DDoS (Denial of Service) attack continues to affect the Yoti platform. Our security and engineering teams are working alongside our anti DDoS provider to restore services. We are starting to see an improvement in some services and will continue to update this page as soon as we have more information. While this is causing some connection issues, please be mindful that all user data is safe and unaffected.

  60. identified May 12, 2026, 02:00 AM UTC

    A targeted and sustained DDoS (Denial of Service) attack continues to affect the Yoti platform. Our security and engineering teams are working alongside our anti DDoS provider to restore services. We are starting to see an improvement in some services and will continue to update this page as soon as we have more information. While this is causing some connection issues, please be mindful that all user data is safe and unaffected.

  61. identified May 12, 2026, 02:30 AM UTC

    A targeted and sustained DDoS (Denial of Service) attack continues to affect the Yoti platform. Our security and engineering teams are working alongside our anti DDoS provider to restore services. We are starting to see an improvement in some services and will continue to update this page as soon as we have more information. While this is causing some connection issues, please be mindful that all user data is safe and unaffected.

  62. identified May 12, 2026, 03:00 AM UTC

    A targeted and sustained DDoS (Denial of Service) attack continues to affect the Yoti platform. Our security and engineering teams are working alongside our anti DDoS provider to restore services. We are starting to see an improvement in some services and will continue to update this page as soon as we have more information. While this is causing some connection issues, please be mindful that all user data is safe and unaffected.

  63. identified May 12, 2026, 03:30 AM UTC

    A targeted and sustained DDoS (Denial of Service) attack continues to affect the Yoti platform. Our security and engineering teams are working alongside our anti DDoS provider to restore services. We are starting to see an improvement in some services and will continue to update this page as soon as we have more information. While this is causing some connection issues, please be mindful that all user data is safe and unaffected.

  64. identified May 12, 2026, 04:00 AM UTC

    A targeted and sustained DDoS (Denial of Service) attack continues to affect the Yoti platform. Our security and engineering teams are working alongside our anti DDoS provider to restore services. We are starting to see an improvement in some services and will continue to update this page as soon as we have more information. While this is causing some connection issues, please be mindful that all user data is safe and unaffected.

  65. identified May 12, 2026, 04:30 AM UTC

    A targeted and sustained DDoS (Denial of Service) attack continues to affect the Yoti platform. Our security and engineering teams are working alongside our anti DDoS provider to restore services. We are starting to see an improvement in some services and will continue to update this page as soon as we have more information. While this is causing some connection issues, please be mindful that all user data is safe and unaffected.

  66. identified May 12, 2026, 05:00 AM UTC

    We have now made significant progress in restoring operational service across the Yoti platform. We are continuing to work on an additional fix and will update shortly.

  67. monitoring May 12, 2026, 05:47 AM UTC

    We have fixed the Digital ID,Identity verification,Age verification,Age estimation, eSignatures, Yoti Hub, Yoti Website, Yoti Password Manager, Yoti Web Account, UK Post Office In-branch verification (IBV), Yoti Verified Calls, Credentials services. Our engineers will monitor the situation until we declare the incident resolved.

  68. monitoring May 12, 2026, 06:31 AM UTC

    Pleased to update that the measures taken have now significantly improved access to Yoti services and we are now actively monitoring the situation.

  69. monitoring May 12, 2026, 07:04 AM UTC

    Pleased to update that the measures taken have now significantly improved access to Yoti services and we are now actively monitoring the situation.

  70. monitoring May 12, 2026, 10:10 AM UTC

    We are pleased to report that all services are currently returning to normal operational levels. Our technical teams have successfully identified and implemented a permanent fix; as a result, core functionality has been restored across our entire product suite. Whilst systems are stable, we are entering a period of extended monitoring. We will be closely tracking all products and user sessions to ensure that performance remains consistent under full load. We intend to officially mark this incident as Resolved once we are confident in the long-term stability of the environment. Should you experience any performance issues, please reach out to our Customer Support Team. We appreciate your patience whilst we worked to restore your service.

  71. resolved May 12, 2026, 03:54 PM UTC

    All Yoti services have been restored to normal operation. The recent disruption caused by a targeted DDoS attack was resolved through the implementation of enhanced network security and traffic filtering. Our systems are now operating under reinforced protection to ensure continued availability.

  72. postmortem May 12, 2026, 03:54 PM UTC

    **Sunday 10th May 2026 - Tuesday 12th May** We are pleased to confirm that all Yoti services have returned to normal operation following a period of service instability. Starting on the evening of May 10th, our network was targeted by a highly orchestrated and large-scale distributed DDoS attack. This was a coordinated attempt to overwhelm our systems with high volumes of traffic, which resulted in intermittent outages and access issues across our platform. We would like to reassure you that this was a connectivity-based attack. At no point was the integrity of our core systems or your personal data compromised. To resolve the issue and protect against future attacks, we have: * Successfully migrated our network traffic to a global, industry-leading protection service \(Cloudflare\). * Implemented enhanced filtering to block malicious traffic before it reaches our services. * Increased our infrastructure capacity to better handle unexpected traffic spikes. We sincerely apologise for the disruption to your service and thank you for your patience while our teams worked around the clock to resolve this.