We want to sincerely thank you all for your patience during the unexpected outage that affected the Cyberday app during Tuesday 10.6.2025. We understand how critical uninterrupted access is for your security work, and we’re very sorry for the trouble.

This message goes through the details of the recent incident and related early mitigation.

What happened?

On Tuesday 10.6.2025 at 9:03, our service provider Heroku experienced a high severity incident that affected their services globally and also Cyberday. Heroku is a globally used, popular PaaS offering from Salesforce.

During the incident, although our application code and database appeared to be running normally, the app was unable to make any external connections and thus Cyberday was unreachable to users.

After a few hours of downtime, the root cause of the incident was tracked down to Heroku's recent automated configuration update that disrupted network connectivity on customer instances. Heroku shared progress on the investigation on this thread on Salesforce Trust page ( https://status.salesforce.com/generalmessages/10001540 ).

Heroku was able to deploy a fix to production and the Heroku dashboard (used to control the related app dynos) was back online on 11.6.2025 at 0:48. This made it possible to recover Cyberday instances on Heroku platform. Cyberday app was fully functional again at 6:14.

We'll of course keep an extra eye on monitoring to verify that fixes have worked and Cyberday app is functioning as normally.  

This incident was purely related to app availability, and didn't include any issues for the confidentiality of your ISMS data or any other parts of the Cyberday app.

Cyberday team's additions

Cyberday has a 5+ year history with Heroku. Previously the longest outages we've experienced have been 2-20 minute downtimes (e.g. app environment restarts) due to some very clearly identified causes, and even these have happened extremely rarely. Needless to say, we were evaluating a very low probability for a lenghty downtime like this.

Also during the incident, it was very hard for us to evaluate the time needed recovery time for our customers, as the incident was so heavily related to our partner (and not our own actions). We did our best to give relevant information to our customers as soon as we had it.

Our mitigation steps (ongoing and future)

• Our Cyberday incident response team used the whole duration of the incident to develop and deploy a specialized contingency plan for similar downtime-causing issues with our key providers. If our service provider is experiencing issues and especially if their own incident response starts to get delayed, we will be able to faster deploy (even a partially degraded) Cyberday app with an alternative setup. Through this, your ISMS content could still be utilized in cases of service provider failures and we wouldn't experience such drastic complete downtime.  
• We’re following up closely with Heroku for a full incident report, especially to understand what changes they will implement to prevent similar incidents in the future. We will analyze this input and make related decisions depending on their analysis.
• We're also internally reviewing all the processes related to the incident (e.g. immediate incident communication, customer support, related monitoring and visibility, post-incident communication) to ensure we can get all the possible learning from this to improve our own information security management.

We're of course committed (maybe now more than ever) to continuously improving our cyber resilience and will also e.g. revisit our policies for partner selection and reducing dependancies of key providers.

We're here to help

If you experienced any specific issues during this outage that still need our attention, please don’t hesitate to contact us directly. We’re committed to learning from this and continuing to earn your trust.

Thank you again for your understanding and continued partnership.

Sincerely,
Aleksi Pulkkanen
Co-founder & COO, Cyberday
aleksi@cyberday.ai
https://cyberday.ai

‍