Zefort incident

Users may not able to access binders and contracts shared to them

Major Resolved View vendor source →

Zefort experienced a major incident on February 5, 2025 affecting my.zefort.com, lasting 5h 23m. The incident has been resolved; the full update timeline is below.

Started
Feb 05, 2025, 07:21 AM UTC
Resolved
Feb 05, 2025, 12:45 PM UTC
Duration
5h 23m
Detected by Pingoru
Feb 05, 2025, 07:21 AM UTC

Affected components

my.zefort.com

Update timeline

  1. investigating Feb 05, 2025, 07:21 AM UTC

    We are currently investigating an issue with binder visibility. Users may not have access to all binders and contracts that they have been given permission to.

  2. investigating Feb 05, 2025, 07:22 AM UTC

    We are continuing to investigate this issue.

  3. investigating Feb 05, 2025, 07:42 AM UTC

    We have identified the issue and are working on a fix to restore user access to binders and contracts.

  4. investigating Feb 05, 2025, 09:10 AM UTC

    A fix is being deployed and users should start seeing their access to binders and contracts restored.

  5. monitoring Feb 05, 2025, 10:35 AM UTC

    Access to all users has been restored. We are still monitoring the situation closely.

  6. resolved Feb 05, 2025, 12:45 PM UTC

    This incident has been resolved.

  7. postmortem Feb 13, 2025, 09:04 AM UTC

    ## Summary We encountered an issue where duplicate or overlapping permission entries in our database were causing complexity and performance concerns. To improve efficiency, we performed a cleanup to remove these duplicates. However, due to a logic error in the update process, some valid permission entries were mistakenly removed. Despite our testing, we did not catch this issue before deployment. **Impact:** As a result, many users temporarily lost access to some content they should have had access to. No data was lost, only the ability to view or manage certain content was affected. ## Resolution Once the issue was identified, we restored affected permissions from backups. Our team conducted a thorough review, including going through logs, to ensure all permissions were correctly reinstated. We also took steps to ensure that contracts received via email during the incident, which may have been affected by missing permissions, were properly ingested. ## Next Steps To prevent similar incidents in the future, we are: * Enhancing automated tests to better detect unintended data modifications. * Improving our review processes for database migrations and cleanup operations. We sincerely apologize for any inconvenience this may have caused. We remain committed to improving our processes to provide a more reliable service. If you have any concerns or need assistance, please contact our support team.