Explorer

Microsoft Admits Losing Weeks Of Security Logs For Its Customers’ Cloud Products, Here's What It Means

A Microsoft executive confirmed that the incident was caused by an “operational bug within our internal monitoring agent.”

The troubles for Microsoft and its users seem to be everlasting. The tech giant has recently admitted that it is missing more than two weeks of security logs of its cloud products which has left network defenders without critical data for detecting possible intrusions. As per TechCrunch, a notification was sent to the affected users in which Microsoft stated, “a bug in one of Microsoft’s internal monitoring agents resulted in a malfunction in some of the agents when uploading log data to our internal logging platform” between September 2 and September 19. 

Microsoft added that the logging outage was not caused by a security incident, and it had “only affected the collection of log events.” 

According to a security researcher, Kevin Beaumont, the notifications that Microsoft had sent to the affected companies are most probably only accessible to a handful of users with tenant admin rights, reported TechCrunch. 

The notification further said, “May have experienced potential gaps in security related logs or events, possibly affecting customers’ ability to analyse data, detect threats, or generate security alerts.”

ALSO READ | THIS Woman Beats Elon Musk By Becoming Top Donor To Donald Trump For US Presidential Election Campaign

What Is Logging, Which Products Have Been Affected?

Logging is essential for monitoring events within a product, such as tracking user sign-ins and failed login attempts, which can assist network defenders in spotting potential intrusions. Without proper logs, it becomes harder to detect unauthorized access to customer networks during the two-week period in question.

The impacted products, as noted in the Business Insider report, include Microsoft Entra, Sentinel, Defender for Cloud, and Purview.

TechCrunch report stated that a Microsoft executive confirmed that the incident was caused by an “operational bug within our internal monitoring agent.”

John Sheehan, a Microsoft corporate vice president, said, “We have mitigated the issue by rolling back a service change. We have communicated to all impacted customers and will provide support as needed.”

Why Does It Matter?

The logging outage comes a year after Microsoft faced criticism from federal investigators for not providing certain US government departments with security logs. These departments used Microsoft’s government-only cloud for hosting emails. Investigators believe that if those logs had been available, China-backed cyber intrusions could have been detected much earlier.

The cyber attackers, known as Storm-0558, infiltrated Microsoft’s network and stole a master key, granting them unrestricted access to US government emails stored in Microsoft’s cloud.

A government review of the attack revealed that the State Department was able to detect the breach because it had a higher-tier Microsoft license that included access to security logs, a benefit other affected government agencies lacked. In response to these hacks, Microsoft announced it would start providing log access to lower-tier cloud accounts starting in September 2023.

View More
Advertisement
Advertisement
25°C
New Delhi
Rain: 100mm
Humidity: 97%
Wind: WNW 47km/h
See Today's Weather
powered by
Accu Weather
Advertisement

Top Headlines

Bihar MLA Ritlal's Brother Accused Of Shooting At AIIMS Security Officer Surrenders To Police
Bihar MLA Ritlal's Brother Accused Of Shooting At AIIMS Security Officer Surrenders To Police
After 'Zero' Electricity Bill For 6 Months, Sambhal MP Zia ur Rahman Booked For Power Theft
After 'Zero' Electricity Bill For 6 Months, Sambhal MP Zia ur Rahman Booked For Power Theft
5 Terrorists Killed In Jammu And Kashmir's Kulgam, Search Operation On
5 Terrorists Killed In Jammu And Kashmir's Kulgam, Search Operation On
BJP MP Pratap Sarangi Injured After Rahul Gandhi 'Shoved' Him During Parliament Protest
BJP MP Pratap Sarangi Injured After Rahul Gandhi 'Shoved' Him During Parliament Protest
Advertisement
ABP Premium

Videos

Rahul Gandhi Linked to Incident That Led to BJP MP Mukesh Rajput’s HospitalizationBJP MP Mukesh Rajput Hospitalized in ICU After Alleged Push by Rahul GandhiHeated Exchange in Parliament as Opposition Targets Amit Shah Over Ambedkar RemarksLucknow Protest Turns Tragic: Congress Worker Dies, Police Investigation Underway

Photo Gallery

Embed widget