Public post-mortems
Contents
For PostHog employees, see the post-mortem guidance for how and when to write a post-mortem.
This page contains public post-mortems for significant incidents at PostHog. We publish these because we believe transparency builds trust, and because we think the wider engineering community benefits from shared lessons.
For security-specific incidents, see our security advisories. For real-time status updates, check our status page.
Our approach to post-mortems
We write post-mortems to understand what happened, not to assign blame. Every incident is an opportunity to improve our systems and processes. Our post-mortems typically cover:
- A clear timeline of what happened
- Root cause analysis
- Impact assessment
- What went well and what went poorly
- Concrete remediation steps
Not every post-mortem is made public. Minor incidents that partially affect services are documented internally. We publish a public post-mortem when an incident results in permanent impact on user data (such as data loss), directly disrupts customers' own services (such as SDK bugs breaking customer sites) or result in extended unavailability of PostHog services for customers (e.g. if dashboards would not load for multiple hours).
For internal guidance on how we handle incidents, see handling an incident.
Public post-mortems
- Logs data loss – February 20, 2026
- Feature flags cache degradation – February 6, 2026
- Replay SDK fetch wrapper incident – January 17, 2026
- Shai-Hulud supply chain attack – November 26, 2025
- Persons database migration – November 15, 2025
- Feature flags recurring outages – October 21, 2025
- Surveys SDK bug – October 3, 2025
- Feature flags service outage – September 29, 2025