The latest event was an eight-hour outage that disrupted certain cloud and Office services. The event was sparked by a cyber attack — and exacerbated by Microsoft’s own security measures.
On Tuesday, customers began reporting difficulties connecting to various Azure services, and to “a subset” of services from Microsoft 365 and the company’s data security and data governance solution, Microsoft Purview, according to Microsoft. The outage lasted from 6:45 a.m. ET to 2:43 p.m. ET, and the event was declared fully mitigated by 3:48 p.m. ET.
Banks, courts and utility services reported effects, according to Infosecurity Magazine, and BBC noted that England and Wales’ HM Courts and Tribunals Service, the Dutch football team FC Twente and NatWest bank saw some of their online services disrupted. Some users reported issues with Outlook, Azure and the Minecraft video game, Infosecurity Magazine reported, while BBC said cloud systems Intune and Entra were affected.
The outage was started by a distributed denial-of-service (DDoS) attack, in which services are overloaded with traffic. The DDoS attack hit two Azure content delivery solutions, Azure Front Door and Azure Content Delivery Network. “DDoS protection mechanisms” triggered in response, the company said, but something went awry.
“Initial investigations suggest that an error in the implementation of our defenses amplified the impact of the attack rather than mitigating it,” Microsoft wrote in its blog post.
The company revised its mitigation approach and rolled it out, first in Europe and Asia Pacific regions, then to the Americas.