Expel, Inc. Status

Expel Office 365 Phishing button

Identified - Microsoft is rolling out deprecation of legacy Exchange tokens that may prevent your users from being able to report emails using the Expel custom Office 365 Phishing button.

Expel is working on development and testing of an updated Expel O365/M365 Phishing button for web and desktop applications that will work with the NAA authentication scheme.

Until Expel is able to deploy the newly developed Phishing button, you should follow the instructions from Microsoft (https://learn.microsoft.com/en-us/office/dev/add-ins/outlook/turn-exchange-tokens-on-off) to enable legacy tokens for your tenant. It can take up to 24 hours for this change to take effect.

Contact support if you need assistance with this process.
Mar 17, 2025 - 10:03 EDT

Workbench availability Operational

Workbench global network connectivity Operational

Workbench login Operational

Workbench features Operational

Investigative actions Operational

File uploads Operational

Notifications Operational

Email Operational

Slack Operational

Teams Operational

Ticketing systems (via email, such as Jira) Operational

PagerDuty Operational

Opsgenie Operational

ServiceNow Operational

Assembler connectivity Operational

Alert ingestion Operational

Slack channels for customers Operational

Phishing submissions Operational

Operational

Degraded Performance

Partial Outage

Major Outage

Maintenance

System Metrics Month Week Day

Workbench global network connectivity

Fetching

Workbench availability

Fetching

Past Incidents

Mar 19, 2025

Scheduled Infrastructure Maintenance

Completed - The scheduled maintenance has been completed.
Mar 19, 07:00 EDT

In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Mar 19, 06:00 EDT

Scheduled - We will be undergoing routine maintenance between 06:00 - 07:00 ET on March 19th. During the maintenance window, Workbench may be intermittently unavailable or slow.

All notifications and alerts will be processed during the maintenance window, but may be affected by intermittent delays.
Mar 13, 12:08 EDT

Mar 18, 2025

No incidents reported.

Mar 17, 2025

Expel Office 365 Phishing button

Resolved - Microsoft is rolling out deprecation of legacy Exchange tokens that may prevent your users from being able to report emails using the Expel custom Office 365 Phishing button.

Expel is working on development and testing of an updated Expel O365/M365 Phishing button for web and desktop applications that will work with the NAA authentication scheme.

Until Expel is able to deploy the newly developed Phishing button, you should follow the instructions from Microsoft (https://learn.microsoft.com/en-us/office/dev/add-ins/outlook/turn-exchange-tokens-on-off) to enable legacy tokens for your tenant. It can take up to 24 hours for this change to take effect.

Contact support if you need assistance with this process.
Mar 17, 10:01 EDT

Update - Microsoft is rolling out deprecation of legacy Exchange tokens that may prevent your users from being able to report emails using the Expel custom Office 365 Phishing button.

Expel is working on development and testing of an updated Expel O365/M365 Phishing button for web and desktop applications that will work with the NAA authentication scheme.

Until Expel is able to deploy the newly developed Phishing button, you should follow the instructions from Microsoft (https://learn.microsoft.com/en-us/office/dev/add-ins/outlook/turn-exchange-tokens-on-off) to enable legacy tokens for your tenant. It can take up to 24 hours for this change to take effect.

Contact support if you need assistance with this process.
Mar 16, 20:04 EDT

Update - Phishing submissions continue to be degraded for a small number of customers that use the custom Expel Office 365 button. We have identified the root cause and will be rolling out an update as soon as possible.

If your button isn’t working, talk directly with your Customer Success Manager (CSM), who will be able to offer you direct & tailored support as we work to resolve this. Alternatively, you can submit phishing emails manually. Visit our Help Center for step-by-step instructions.
Mar 15, 08:59 EDT

Identified - We have identified a potential root cause and are working on a remediation. The Office 365 Phishing Button continues to be degraded. We will provide another update as soon as possible.
Mar 14, 18:30 EDT

Update - We are continuing to investigate this issue and will provide an update by 6:30PM EDT.
Mar 14, 17:37 EDT

Update - We are continuing to investigate this issue and will provide an update by 5:30PM EDT.
Mar 14, 17:02 EDT

Update - We are continuing to investigate this issue and will provide an update by 5:00PM EDT.
Mar 14, 16:32 EDT

Investigating - We have identified a problem that is preventing Office 365 users from reporting phishing emails to Expel via Outlook. We will provide an update by 4:30PM EDT.
Mar 14, 15:41 EDT

Mar 16, 2025

Mar 15, 2025

Mar 14, 2025

Mar 13, 2025

No incidents reported.

Mar 12, 2025

Workbench Availability

Resolved - The incident has been resolved, and all systems are once again fully available. No customer data was lost, and SOC operations were not impacted.
Mar 12, 14:01 EDT

Monitoring - The upstream service provider has resumed healthy service, and we have resumed ingesting alerts. No events were lost during this incident. We will continue monitoring the issue and provide another update by 2:00pm EDT or resolve the incident if we see no further recurrence of the problem.
Mar 12, 13:46 EDT

Update - We have tentatively identified the root cause as an issue with our upstream service provider. We are continuing to investigate the source of the issue. Alert ingestion from Azure continues to be degraded. SOC operations are not otherwise affected. We will provide another update by 2:00pm EDT.
Mar 12, 13:32 EDT

Update - We are continuing to investigate the issue. Please expect another update by 1:30pm EDT.
Mar 12, 13:09 EDT

Investigating - At 12:12pm EDT, we began experiencing a problem with Microsoft Azure security devices that is preventing us from ingesting alerts. We will provide an update by 1:00pm EDT.
Mar 12, 12:41 EDT

Mar 11, 2025

Workbench Availability

Resolved - This incident has been resolved.
Mar 11, 13:34 EDT

Monitoring - We have rolled back the code change the caused the issue, and we believe we have resolved the login outage. We will continue monitoring login availability, and will update again or resolve the incident by 2:00pm EDT.
Mar 11, 13:14 EDT

Identified - We have identified an issue with a recent rollout of code that we believe to be the cause of the outage, and are currently rolling back to the previous known-good version. Please expect another update by 1:30pm EDT.
Mar 11, 13:10 EDT

Investigating - At 12:40pm EDT, we began experiencing a problem with workbench that is preventing users from logging in. We will provide an update by 1:30pm EDT.
Mar 11, 12:53 EDT

Mar 10, 2025

No incidents reported.

Mar 9, 2025

No incidents reported.

Mar 8, 2025

No incidents reported.

Mar 7, 2025

No incidents reported.

Mar 6, 2025

No incidents reported.

Mar 5, 2025

No incidents reported.