Incident March 30th, 2026 – Accidental CDN Caching
4 hours ago
- #p
- #d
- #e
- #r
- #C
- #u
- #a
- #c
- #t
- #o
- #v
- #D
- #i
- #
- #N
- #,
- #y
- #s
- #S
- #I
- #n
- Railway experienced an incident where CDN features were accidentally enabled for some domains with CDN disabled, causing HTTP GET responses to be cached incorrectly.
- During a 52-minute window on March 30, 2026, cached responses may have served authenticated data to unauthenticated users, potentially exposing user-specific pages to others.
- The issue was identified and reverted by 11:34 UTC, with all cached assets purged globally, and affected users will be notified via email.
- Railway has implemented additional tests for caching behaviors and aggressive sharding of CDN rollouts to prevent future occurrences, prioritizing safety and security.