Cloudflare has confirmed that the massive service outage yesterday was not caused by a security incident and no data has been lost. The issue started when the Workers KV (Key-Value) system went completely offline, affecting multiple edge computing and AI services.
The root cause of the outage was a failure in the Workers KV underlying storage infrastructure due to a third-party cloud provider outage. Cloudflare’s Workers KV service relies on this infrastructure for configuration, authentication, and asset delivery across affected services.
The impact of the incident varied across different services, with Workers KV experiencing a 90.22% failure rate. Access, WARP, Gateway, and other services suffered critical failures in identity-based authentication and session handling due to reliance on Workers KV. Browser Isolation & Browser Rendering failed to initiate or maintain link-based sessions.
Cloudflare has determined the following impact of the incident:
* Workers AI & AutoRAG were completely unavailable
* Durable Objects, D1, Queues experienced up to 22% error rates
* Realtime & AI Gateway faced near-total service disruption
* Zaraz & Workers Assets saw full or partial failure in loading or updating configurations and static assets
To prevent similar incidents in the future, Cloudflare plans to accelerate resilience-focused changes, including eliminating reliance on a single third-party cloud provider for Workers KV backend storage. The company will also implement cross-service safeguards and develop new tooling to gradually restore services during storage outages.
Source: https://www.bleepingcomputer.com/news/security/cloudflare-outage-not-caused-by-security-incident-data-is-safe