Microsoft Azure experienced a significant outage on July 30 that lasted nearly 10 hours. The incident affected users globally, causing difficulties in accessing various Microsoft services, including Microsoft 365 products like Office and Outlook, as well as Azure. The tech giant has confirmed that the outage was triggered by a distributed denial of service (DDoS) cyberattack.
A DDoS attack floods services with traffic to bring them to a halt. According to Microsoft’s Azure status page, the outage started at approximately 11:45 am UTC and was resolved by 7:43 pm. A “subset of customers” experienced issues connecting to Azure App Services, Application Insights, Azure IoT Central, Azure Log Search Alerts, Azure Policy, the Azure portal, and “a subset of Microsoft 365 and Microsoft Purview services.”
Microsoft identified the “initial trigger event” as a DDoS attack.
Microsoft outage caused by DDoS attack
The company reported an unexpected usage spike that led to Azure Front Door and Azure Content Delivery Network components performing below acceptable thresholds, resulting in intermittent errors, timeouts, and latency spikes. Despite having protections in place, the DDoS attack was exacerbated by an error in the implementation of the defense mechanisms, which amplified the attack’s impact rather than mitigating it.
Sean Wright, head of application security at Featurespace, noted, “An error occurred in the software that was used to protect against DDoS attacks. This highlights the importance of testing software thoroughly.”
Among the companies affected by this new outage was U.K. bank NatWest. In the wake of this outage, businesses that had comprehensive data protection solutions in place, like Microsoft 365 backup solution from NAKIVO, were able to mitigate the impact of downtime on their operations. Microsoft has communicated clearly throughout the outage, stating it will publish a Preliminary Post Incident Review within approximately 72 hours to share more details on what happened and how it responded.
For now, it appears that Microsoft services are back up and running. The incident occurred less than two weeks after another significant issue impacted Microsoft Windows.