An incident that occurred on February 26, 2021 caused degraded authentication services for customers hosted from NA2. This was caused by a scheduled database maintenance task that was introduced as part of the February release. The new maintenance tasks was written to prevent data buildup that has been related to past performance issues. This maintenance task introduced a condition that cause database performance degradation for some SecurID Access Pods, primely impacting North America pods NA2.
Mitigations
RSA is continuously taking steps to improve the RSA SecurID Access service and processes to help ensure such incidents do not occur in the future. This includes, but is not limited to:
· Once the problematic database operation was identified, it was disabled from all production instances.
· SecurID Engineering conducted a full review of this operation and has implemented an enhanced code review process for all changes at the DB level.