When the Cloud Goes Dark: Lessons from the AWS Outage

Heather Brooks

On what seemed like a normal Monday morning, millions of people around the world woke up to a digital silence. Apps that usually worked wouldn’t load. Dashboards kept going around and around. Banking portals showed unclear system errors. Tasks that used to go smoothly every day suddenly slowed down or stopped working altogether. As the minutes went by, a bigger picture started to come into focus: one of the most popular cloud service providers in the world was having a major outage in a certain area.

AWS(Amazon Web Services) had stumbled. And when AWS falters, the shockwaves are not subtle. They resonate through industries, across continents, and in user experiences. But the most jarring part was not that websites and apps malfunctioned. A temporary hiccup in a streaming service or a slight delay in an app would have been tolerable for more users. What surprised people was a far more private scene: smart devices in their homes were unresponsive.

For thousands of people, this was an uncomfortable wake-up call. Temperature-controlled systems were stuck. Smart lights failed to respond. Sleep gadgets that pledged to be a cure for the nighttime blues stopped working mid-operation. The outage exposed something deeper than mere temporary inconvenience: it showed how much the modern world has threaded itself through cloud infrastructure, and how brittle that reliance can be.

The AWS Outage Incident in Summary

On Monday, October 20th, 2025, an AWS region in US-East-1 (Northern Virginia), its oldest and one of the largest data-center clusters, suffered a massive outage. The underlying issue was linked to failures within internal subsystems , with one of those being the health-monitoring mechanism for network-load-balancers inside AWS’s EC2 internal network.

Another key component: A failure in DNS (Domain Name System) resolution and automatic DNS management attached to the database service DynamoDB, so services couldn’t effectively resolve addresses inside AWS.

Most services were back up and running by the end of the day, but the event made people think more deeply about resilience, dependency, and risk in the cloud era.

Why This Matters Beyond “Just An Outage”

Of course, an outage is just something to learn from on one level. But this event has a number of deeper meanings:

Single-Point Risk Despite “Distributed Cloud” Hype

Many companies think that moving to the cloud automatically makes them more resilient. But even with one of the biggest cloud providers, one region’s failure had effects all over the world. When a lot of services use the same infrastructure, the failure of one big provider can make the whole system less safe.

Invisible Internal Plumbing Matters

It wasn’t a dramatic data-center fire or a major network cut. The root cause was relatively obscure: a failure in health monitoring of load-balancers, compounded by a DNS automation defect. These internal “plumbing” components are rarely highlighted in risk models, yet they are exactly what can trigger the large-scale cascading failures.

Cascading Dependencies And “Hidden” Chains Of Effect

As many services rely on other services (one uses AWS for its database, another uses AWS for authentication, and so on), a breakdown in any corner can spread like wildfire. This is because there are even companies that aren’t AWS customers, but can still feel the aftershock through the upstream/downstream.

Operational Impact Goes Beyond Apps And Websites

The harm is more than just “the website is down.” In this instance, even consumer hardware like smart beds didn’t work properly because its cloud connection was down. That demonstrates there’s a risk zone which now covers IoT, embedded systems, physical operations, and devices, and not simply browsers and mobile applications.

Risk Shifting, Not Risk Elimination

Moving to the cloud often changes the type of risk you have (from owning hardware to owning service-dependency) instead of getting rid of it. Companies need to know that “cloud = no problems” is not true.

When AWS Failed, Eight Sleep Users Paid the Price

Among the many unlikely casualties of the AWS outage was Eight Sleep, the high-end smart mattress start-up whose product depends heavily on cloud-based communications for many of its core features. So you get a mattress that regulates its own temperature, monitors your sleep activity, maintains smart alarms, and syncs biometric data. Still, the magic happens thanks to Eight Sleep’s backend systems running on AWS.

As soon as AWS went offline, users began to report that their mattresses were no longer responding properly, with some stuck at extreme temperatures. The companion app wouldn’t connect at all, which meant customers were left without access to these essential capabilities, like changing the firmness setting, tinkering with a routine, or quelling disturbing temperature swings. Sleep tracking and health metrics stopped working completely, and smart alarms either went off at the wrong time or not at all, making many people sleep too long or wake up suddenly.

The outage also exposed the problematic cloud dependency of Eight Sleep’s design, in which users are stripped of all control over their mattresses; these devices have no offline concept and no physical controls. As AWS storms suffered, customers were left unable to control their temperature, access functions, or seek help in a timely fashion; a cloud outage suddenly metamorphosed into an earthly comfort and even a medical issue.

What customers experienced during the outage:

• Mattresses were stuck on very hot or very cold settings, which made it hard to sleep all night.
• Users couldn’t connect to the app, so they couldn’t change the temperature, firmness, or sleep schedule.
• There was no way to track sleep, monitor biometrics, or get nightly reports.
• Smart alarms didn’t go off when they were supposed to or did go off at the wrong times, which made people sleep too long or wake up too early.
• Some users said that their temperatures suddenly rose in the middle of the night because automation routines weren’t fully finished.
• The same outage affected customer support, which was already busy, so users couldn’t get help.
• A lot of people went to social media to talk about how the power outage affected their sleep, comfort, and health.

This shows that cloud dependency isn’t just for tech companies anymore; it’s now built into devices in the real world, and problems with them cause real-world problems, risks, and damage to reputations.

Key Lessons For Organizations

From a software-quality, infrastructure, business-continuity, and risk-management perspective, here are important takeaways:

Map your Upstream and Downstream Dependencies

Simply knowing that “we use AWS” is not sufficient. You will need to map out what services, features, devices, and APIs rely on that provider, and consider whether your dependencies are single-provider or multi-provider. Map your dependencies downstream as well: if AWS goes out, what internal/external systems that you rely on will also go down?

Check For Internal Service Failure Modes

Standardized risk models include data-center catching fire, network cut (sever the network link), and region-down. However, instead, inner subsystem issues (DNS, automated monitoring, and load-balancer health checks) are reliable failure vectors. A mature architecture must take into account internal errors within the provider infrastructure.

Build Fallback/Offline Capabilities

In the smart-bed case, there was no offline mode (e.g., user-controlled local temperature), which meant users were stuck. If your device acts on physical things or provides important services, consider that it can fail back to a local or degraded mode. For software-only services, see other hosting providers or a hybrid architecture.

Test Failure-Scenarios (Chaos Engineering)

Don’t just test scenarios where “everything works.” “if region US-East goes down,” “if DNS automation fails,” and “if load-balancers don’t distribute traffic” are all examples of how to simulate provider failures. You can find out about weaknesses before they happen by doing failover drills or “game days.”

For Quality Assurance Professionals: What This Means For Testing

This event is a great reminder for QA teams that non-functional risks are just as important as functional ones. Here are some ways QA can change:

• Add fault injection tests: Simulate infrastructure failures while the application is running. With tools or automated frameworks such as testRigor, teams can simulate real events, like unreachable databases or internal DNS failures. Read How to Automate Database Testing?
• Validate graceful failure: Make sure the app provides meaningful errors, gracefully handles failures, and logs failures properly. testRigor’s end-to-end flow checks can ensure that a user-facing failure degrades gracefully. Read Effective Error Handling Strategies in Automated Tests
• Expand your definition of “users”: Modern systems interact with IoT devices and physical appliances. Test the “cloud connection lost” case, especially for products that mirror the Eight Sleep organization, like dependencies.
• Monitor provider health: Set up monitoring and alerting, not only for your app, but also for provider health reports. Do you know when AWS regions are experiencing higher error rates?
• Create disaster recovery test suites: Build automated scenarios such as “What if the primary cloud provider goes down?” or “Can core features run offline?” Platforms like testRigor can help automate these high-risk workflows consistently.

Looking ahead: The Evolving Cloud Risk Horizon

Cloud architectures have come a long way, and big companies spend a lot of money on making sure their services are always available. However, the outage reminds us that as things get more complicated, so do the risks. Here are some new ideas to think about:

• As more devices connect to the cloud (smart homes, the Internet of Things, and cars), the “digital-physical” effects of outages will get worse. It’s not just websites anymore; it’s also beds, cars, and factories.
• AI and automation for providers are getting better, but automation can also cause new problems (bugs in the automation itself). This means that risk models need to change.
• Centralization is still a problem because a small number of big cloud providers support a large part of the internet. So, systemic risk (one provider’s big failure) is very real.
• There may be more pressure from regulators and governments to make critical infrastructure more resilient, have backup plans, and use multiple clouds.
• “Cloud-first” needs to change to “cloud-smart” for businesses. Instead of thinking that cloud = problem solved, they need to find a balance between speed, cost, and resilience.

Final Thoughts

People may one day call the recent AWS outage a “wake-up call” instead of just an event. It showed us how deeply ingrained our infrastructure choices are and how failures that aren’t obvious can become very obvious. The Eight Sleep example is a good metaphor: when your smart bed won’t respond, it’s your cloud that has collapsed beneath it.

The lessons are clear for organizations, especially those in QA, testing, infrastructure, and operations: know what you depend on, test adversity, and make backup plans. Tools like testRigor can help teams check that important flows are working and make sure that systems stay stable even when services that support them fail. The most important question is: what will you do differently when the next outage inevitably comes?

“We spent so much time on maintenance when using Selenium, and we spend nearly zero time with maintenance using testRigor.”

Keith Powe VP Of Engineering - IDT