Unexpected Traffic Spike Affecting Backend and Email Services

Incident Report for L and L

Postmortem

Incident Postmortem: Unusual Traffic Spike on Onboarding Flow

Date: 27 Nov 2025
Status: Resolved

Summary

A sudden surge of automated traffic targeted our onboarding endpoints, leading to temporary disruption of new account creation and waitlist submissions. The rest of the platform remained stable.

Impact

Some users were unable to sign up or join the waitlist.
No existing accounts or core services were affected.
No data access or data loss occurred.

Root Cause

The disruption was triggered by a coordinated burst of scripted traffic directed at publicly accessible onboarding routes. While the traffic did not penetrate any protected systems, it overwhelmed rate limits and triggered protective shutdowns.

Mitigation & Resolution

Temporarily disabled the affected onboarding services.
Added additional screening and validation layers to reduce abusive traffic.
Cleaned up invalid/bot-created entries.
Restored all services after confirming system stability.

Prevention & Next Steps

To minimize the risk of similar events, we are:

Strengthening traffic filtering and automated abuse protections.
Improving monitoring around onboarding endpoints.
Enhancing alerting thresholds to respond faster.
Reviewing all public-facing flows for additional hardening opportunities.

Final Note

The incident has been fully resolved and systems are stable. We appreciate your patience as we reinforced our protections.

Posted Nov 27, 2025 - 12:24 UTC

Resolved

Status: Resolved

The issue causing abnormal traffic to our onboarding flow has been fully addressed. All systems are operating normally, and no further impact is expected.

We’ll continue to apply additional safeguards to prevent similar disruptions. Thank you for your patience.

Posted Nov 27, 2025 - 12:23 UTC

Monitoring

Status: Monitoring

We’ve deployed a mitigation for the unusual traffic pattern affecting our authentication flow. New sign-ups are behaving as expected, and system performance has returned to normal.

We’re currently monitoring the situation to ensure stability. No action is required from users at this time.

Posted Nov 27, 2025 - 11:47 UTC

Identified

Status: Identified
Impact: Backend API remains offline
Time: 27 Nov 2025, 02:00 EAT

We have identified the cause of the incident.
An unusually high volume of automated requests targeted our public onboarding routes, overwhelming parts of our infrastructure and triggering protective limits.

The affected endpoints have now been secured with additional verification steps and stricter traffic controls. We are continuing to roll out further safeguards to prevent recurrence.

Our team is preparing the system for a safe restart.

Next Update: Within 30–60 minutes.

Posted Nov 27, 2025 - 00:24 UTC

Investigating

Status: Investigating
Impact: Backend API offline
Start Time: 27 Nov 2025, 02:00 EAT

We are currently experiencing an unexpected spike in automated traffic targeting our backend infrastructure. As a precaution, we have temporarily taken the backend API offline to protect system stability and prevent service degradation.

Our team is actively investigating the source of the traffic and implementing additional safeguards, including rate limiting, traffic filtering, and enhanced security controls.

During this time:

Dashboard and API requests may fail

Email-based actions (verification, password resets, invites) are unavailable

Some background processes are paused

We will provide an update as soon as normal service is restored.

Thank you for your patience.

Next Update: Within 30–60 minutes

Posted Nov 27, 2025 - 00:04 UTC

This incident affected: Backend Server and App.