Microsoft has notified customers that it's missing more than two weeks of security logs for some of its cloud products, leaving network defenders without critical data for detecting possible intrusions.
According to a notification sent to affected customers, Microsoft said that "a glitch in one of Microsoft's internal monitoring agents resulted in a malfunction in some of the agents when uploading log information to our internal logging program" between September 2 and September 19.
The notification said that the logging outage was not caused by a security incident, and "only affected the collection of log events."
Business Insider first reported the loss of log data earlier in October. Details of the notification have not been widely reported. As noted by security researcher Kevin Beaumont, the notifications that Microsoft sent to affected companies are likely accessible only to a handful of users with tenant admin rights.
Logging helps to keep track of events within a product, such as information about users signing in and failed attempts, which can help network defenders identify suspected intrusions. Missing logs could make it more difficult to identify unauthorized access to the customers' networks during that two-week window.
The affected products include Microsoft Entra, Sentinel, Defender for Cloud, and Purview, according to the Business Insider report. Affected customers "may have experienced potential gaps in security-related logs or events, possibly affecting customers' ability to analyze data, detect threats, or generate security alerts," the notification said.
Microsoft would not answer specific questions about the logging outage, but a Microsoft executive confirmed to TechCrunch that the incident was triggered by an "operational bug within our internal monitoring agent."
"We have mitigated the issue by rolling back a service modification. We have communicated to all affected customers and will provide support as needed," said John Sheehan, a Microsoft corporate vice president.
The logging outage comes a year after Microsoft came under fire from federal investigators for withholding security logs from certain U.S. federal government departments that host their emails on the company's hardened, government-only cloud; investigators said having access to those logs could have identified a series of China-backed intrusions far sooner.
The China-backed intruders, referred to as Storm-0558, broke into Microsoft's network and stole a digital skeleton key that gave the hackers unfettered access to U.S. government emails stored in Microsoft's cloud. According to a government-issued postmortem of the cyberattack, the State Department identified the intrusions because it paid for a higher-tier Microsoft license that granted access to security logs for its cloud products, which many other hacked U.S. government agencies did not have.
Carly Page contributed reporting .