At 10:15 AEST on 27 May 2025, a DDoS attack targeting Kinde's application endpoints caused timeout errors for customers in the AU region for approximately 45 minutes and intermittently for customers in the US region. The team mitigated the attack by blocking malicious traffic and implementing further anti-DDoS measures. From the period between 10:00 and 11:15, hundreds of millions of requests were blocked. Kinde will continue working with our cloud service and security providers to ensure that customer impact to our services is minimised.