A routine maintenance operation on Anthropic's primary application database triggered severe I/O degradation on March 11, 2026, knocking Claude.ai offline for just over three hours. The disruption began at 14:17 UTC; database errors returned to baseline at 17:11, but engineers spent another 17 minutes identifying the root cause and implementing a fix before issuing an all-clear at 17:28 UTC. During that window, Claude.ai requests slowed dramatically or failed entirely, and new and refreshed authentication sessions for both Claude Code and the Anthropic Console were blocked.
For developers, the auth block was the costly part. Teams running Claude Code in automated workflows — CI/CD pipelines, IDE integrations, agentic overnight sessions — found their tooling stalled when session credentials couldn't be refreshed. Anthropic posted its first status update at 14:44 UTC, 27 minutes after the incident began. Root cause was formally identified at 17:19; a fix was implemented at 17:22; the all-clear came at 17:28. A postmortem followed at 17:56.
What the incident makes concrete is the fault-line between Anthropic's API infrastructure and its consumer authentication layer. The Claude API — accessed via API keys through the developer platform — ran without interruption because it sits on a separate stack from the auth database that failed. That separation has a practical consequence enterprises should be mapping: an integration built on API keys carries a different failure profile than one depending on Claude Code's session tokens, which route through the same auth infrastructure. Teams running Claude Code in production with rotating session credentials were exposed to this outage in a way that a direct API key integration was not.
The postmortem Anthropic published names the cause — I/O degradation from a maintenance operation — and stops there. No specifics on what the maintenance involved, no explanation of why a routine operation hit the production database hard enough to cause a three-hour outage, no stated remediation steps. For a security-sensitive infrastructure disclosure that restraint is defensible, but it leaves enterprise customers with no basis for assessing recurrence risk. That's a real problem for any team with SLA commitments built around Claude Code. 'A routine maintenance operation caused degraded I/O' is a holding statement, not a postmortem. If you're in that position, the question worth putting directly to your Anthropic account team isn't what happened — it's whether it can happen again next quarter.