On July 30, a Microsoft Azure outage was confirmed to be triggered by a distributed denial of service (DDoS) cyberattack. Users reported difficulties accessing various Microsoft services, including Microsoft 365 products like Office and Outlook, as well as Azure.
The incident lasted nearly 10 hours and occurred shortly after a CrowdStrike update caused crashes on Microsoft Windows machines. Companies such as U.K. bank NatWest were affected by this outage.
The disruption began around 11:45 am UTC and was resolved by 7:43 pm, as per Microsoft's Azure status history page. A subset of customers globally experienced issues connecting to Microsoft services.
Azure App Services, Application Insights, Azure IoT Central, Azure Log Search Alerts, Azure Policy, Azure portal, and some Microsoft 365 and Microsoft Purview services were impacted. Microsoft attributed the initial trigger event to a DDoS attack, causing Azure Front Door and Azure Content Delivery Network components to perform below acceptable levels.
While most firms have defenses against DDoS attacks, an error in the implementation of Microsoft's protection mechanisms amplified the impact of the attack. The timing of this outage, following the CrowdStrike incident, added to the challenges faced by Microsoft.
Throughout the outage, Microsoft communicated clearly and plans to release a Preliminary Post Incident Review within 72 hours to provide more details on the incident and its response. Users are advised to configure and maintain Azure Service Health alerts for future notifications on Azure service issues.
Despite the challenges, Microsoft services are now operational, and the company aims to keep users informed and address any issues promptly.
