Microsoft 365 went down after a cyberattack — but don’t worry, it’s not another CrowdStrike-esque outage

10-hour Microsoft 365 outage raised fears of more disruption

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Microsoft 365and a number of Azure services were taken offline for users following an attempted cyberattack on the company’s systems, it has confirmed.

Users around the globe saw services disrupted after a Distributed Denial-of-Service (DDoS) attack triggeredMicrosoft’s internal protection systems.

However in an embarrassing confession, the company admitted these systems actually seem to have “amplified the impact of the attack rather than mitigating it”.

Azure attack

Azure attack

“Between approximately at 11:45 UTC and 19:43 UTC on 30 July 2024, a subset of customers may have experienced issues connecting to a subset of Microsoft services globally,” anupdateon the official Azure status hub noted.

“Impacted services included Azure App Services, Application Insights, Azure IoT Central, Azure Log Search Alerts, Azure Policy, as well as the Azure portal itself and a subset of Microsoft 365 and Microsoft Purview services.”

The company noted how an “unexpected usage spike” hit Azure Front Door (AFD) and Azure Content Delivery Network (CDN), causing them to under-perform, resulting in outages, timeout and latency spikes.

Microsoft says that after the attack was detected, it began investigating immediately, and the effects were under control around an hour and a half later. Following an initial rollout of a fix across the Asia Pacific and European networks, a global rollout took place and the issue appeared too be under control around right hours after the initial reports.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

The issue came days aftera flawed CrowdStrike security updateled to potentially millions of Microsoft devices around the globe being taken offline, so the company is understandably on edge about any further issues.

Microsoft says it will now carry out a full internal investigation to “understand the incident in more detail” and pledged to publish an initial report within the next few days, with a full report coming within 14 days.

More from TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK’s leading national newspapers and fellow Future title ITProPortal, and when he’s not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

VIPRE Security Group says its new endpoint protection tools can stamp out even the latest cybersecurity threats