Incident Postmortem

Postmortem for the April 2nd checkout outage, written by Owen Park. At 14:22 UTC our payment processing started returning 500 errors. Root cause was a Stripe webhook handler that wasn't handling a new event type (payment_method.automatically_updated) introduced in Stripe API 2026-03-15. The unhandled event caused our webhook processor to crash-loop, which backed up the queue and eventually starved the checkout flow of payment confirmations. About 340 customers saw failed checkouts over 47 minutes. We detected it through PagerDuty when error rate exceeded 5%. Fixed by deploying a catch-all handler and reprocessing the queue. Need to add webhook event type validation, set up a Stripe API changelog monitor, and load test the webhook queue under backpressure.