A Microsoft Azure outage on July 30, which lasted nearly 10 hours, was triggered by a distributed denial of service (DDoS) cyberattack, the tech giant has confirmed. The disruption affected several Microsoft services, including Microsoft 365 products like Office and Outlook, as well as Azure services. The incident occurred less than two weeks after a separate issue involving CrowdStrike led to crashes of Microsoft Windows machines.
The outage began at approximately 11:45 am UTC and was resolved by 19:43 pm. Companies impacted by the outage included U.K. bank NatWest. Microsoft reported that a “subset of customers” globally experienced difficulties accessing services such as Azure App Services, Application Insights, Azure IoT Central, Azure Log Search Alerts, Azure Policy, and others. The company attributed the outage to an “unexpected usage spike” resulting from the DDoS attack, which overwhelmed Azure Front Door and Azure Content Delivery Network components.
Sean Wright, head of application security at Featurespace, highlighted the importance of thoroughly testing software, as the DDoS attack revealed vulnerabilities in the systems designed to protect against such incidents. Microsoft acknowledged the unfortunate timing of the outage, which followed closely after the CrowdStrike incident. The company has communicated openly about the issue and plans to release a Preliminary Post Incident Review within approximately 72 hours to provide more details on the event and its response.
