Cyberattack Behind Microsoft’s Latest IT Outage

Nearly two weeks after the CrowdStrike outage, Microsoft faced another major IT failure due to a cyberattack. 

The disruption affected Microsoft 365, Microsoft Teams and Microsoft Azure, and took down Microsoft’s video game services, including Xbox Live and Minecraft. Users were also unable to access emails on Outlook for almost 10 hours.

Microsoft confirmed the outage was caused by a distributed denial-of-service (DDoS) attack, where systems are intentionally overwhelmed by network traffic to cause them to crash.

Microsoft said the DDoS attack triggered the company’s protection mechanisms, which, due to an implementation error, “amplified the impact of the attack rather than mitigating it.”

Microsoft has since rolled out a fix, though some downstream services took longer to recover.

“Customer impact began at 11:45 UTC… Failure rates returned to pre-incident levels by 19:43 UTC — after monitoring traffic and services to ensure that the issue was fully mitigated, we declared the incident mitigated at 20:48 UTC,” the company said on its Azure status history page.

The company’s support team posted on X (Twitter) saying it “sincerely apologize[d]” for the outage.

“Our team will be completing an internal retrospective to understand the incident in more detail,” Microsoft said, adding that it plans to publish a review of the incident within 72 hours of the outage, detailing what happened and its response.

Related:CrowdStrike Outage Could Cost Fortune 500 Companies $5.4B

The lengthy outage came hot on the heels of the worldwide IT outage, caused by CrowdStrike during a software update, which took down systems running Windows all over the globe.

In the wake of that incident, CrowdStrike CEO George Kurtz has been summoned to testify before Congress to be grilled on an incident that could cost Fortune 500 companies $5.4 billion.

Cybercriminals have also sought to take advantage of the recent CrowdStrike outage, with threat actors distributing malware disguised as recovery manuals.