Full Report
AWS outage has taken down millions of websites, including Amazon.com, PrimeVideo, Perplexity AI, Canva and more. [...]
Analysis Summary
# Incident Report: Major AWS US-EAST-1 Service Disruption
## Executive Summary
On October 20, 2025, a major service disruption originating in the AWS US-EAST-1 region caused widespread outages affecting millions of online services, including Amazon.com, PrimeVideo, Fortnite, and Canva. The incident involved increased error rates and latencies impacting multiple critical AWS services. AWS actively engaged to mitigate the issue, and some affected services began recovering approximately 45 minutes after the initial reports.
## Incident Details
- Discovery Date: October 20, 2025
- Incident Date: October 20, 2025 (Starting approx. 30 minutes prior to time of reporting)
- Affected Organization: Amazon Web Services (AWS) (Disrupting numerous downstream customers)
- Sector: Cloud Infrastructure/Technology (Affecting E-commerce, Media, Gaming, AI services)
- Geography: Global (Affecting consumers in United States and Europe, originating from US-EAST-1)
## Timeline of Events
### Initial Access
- Date/Time: Approximately 30 minutes before report time (October 20, 2025)
- Vector: Internal AWS infrastructure failure/disruption within the US-EAST-1 Region.
- Details: AWS confirmed increased error rates and latencies affecting multiple core services.
### Lateral Movement
- Not Applicable. This was a service availability incident/outage originating from the cloud provider infrastructure, not a malicious intrusion with lateral movement across customer networks.
### Data Exfiltration/Impact
- Impact: Widespread service unavailability for customers reliant on US-EAST-1, including inability to log in (Fortnite) and core application functionality failure (Canva, Perplexity AI).
### Detection & Response
- Detection: Multiple independent service owners (Epic Games/Fortnite, Perplexity, Canva) publicly confirmed service disruptions. The AWS Health page confirmed awareness of the disruption.
- Response Actions: AWS stated they were "actively engaged and working to both mitigate the issue and understand root cause." Some services began recovering after 45 minutes.
## Attack Methodology
- Initial Access: Infrastructure Failure (Internal AWS issue in US-EAST-1).
- Persistence: N/A (Not an intrusion).
- Privilege Escalation: N/A.
- Defense Evasion: N/A.
- Credential Access: N/A.
- Discovery: N/A.
- Lateral Movement: N/A.
- Collection: N/A.
- Exfiltration: N/A.
- Impact: Denial of Service/Availability degradation due to infrastructure failure.
## Impact Assessment
- Financial: Undisclosed. Likely significant revenue loss for impacted e-commerce, gaming, and service providers (Amazon, Fortnite, Robinhood, etc.).
- Data Breach: None identified; this was an availability incident.
- Operational: Significant operational disruption for numerous major online services relying on the US-EAST-1 region.
- Reputational: Negative impact on consumer trust regarding the stability of foundational cloud infrastructure.
## Indicators of Compromise
- Network Indicators: Increased error rates and latencies reported from US-EAST-1 region endpoints.
- File Indicators: N/A.
- Behavioral Indicators: System-wide failure to process requests for numerous dependent services.
## Response Actions
- Containment measures: Mitigation efforts undertaken by AWS engineers within the US-EAST-1 environment.
- Eradication steps: Root cause analysis and remediation of the underlying service issue.
- Recovery actions: Services gradually restored functionality (reported recovery starting after 45 minutes).
## Lessons Learned
- Key Takeaways: Over-reliance on a single AWS region (US-EAST-1) creates a massive single point of failure for interconnected global services.
- What could have been done better: Downstream customers need robust multi-region or multi-cloud failover strategies for critical components like authentication services.
## Recommendations
- Prevention measures for similar incidents: Organizations should review their disaster recovery plans, ensuring critical services have active redundancy spanning multiple AWS regions to mitigate the impact of regional outages. Case creation via the Support API was also noted as potentially impacted, which underscores the need for offline/out-of-band communication channels.