Microsoft says it has lost ‘weeks’ worth of security logs for some products
Microsoft lost more than two weeks of security logs for some of its cloud products, the media are reporting. Logs are important because they help IT teams keep track of possible intrusions and other cyberattacks, so not having this information for more than two weeks puts the users at risk.
Multiple media outlets, including TechCrunch and Business Insider, reported on the loss, stating that it was Microsoft who notified the users about the problem. In the notification, the company said that the loss was not due to a security incident or an attack, but rather came as a result of a software flaw:
“A bug in one of Microsoft’s internal monitoring agents resulted in a malfunction in some of the agents when uploading log data to our internal logging platform,” Microsoft was cited saying. The malfunction took place between September 2 and September 19.
Entra, Sentinel, and others
As per these reports, the malfunction affected a couple of products: Microsoft Entra, Sentinel, Defender for Cloud, and Purview. Affected customers “may have experienced potential gaps in security related logs or events, possibly affecting customers’ ability to analyze data, detect threats, or generate security alerts,” the company said in the notification.
TechCrunch reached out to John Sheehan, a Microsoft corporate vice president, who did not share more details about the bug, but did say that Microsoft fixed it: “We have mitigated the issue by rolling back a service change. We have communicated to all impacted customers and will provide support as needed,” he told the publication.
Logs are records of events and actions generated by applications or systems. They are used for debugging issues, monitoring performance, and auditing security. By capturing information about the system’s operation, logs help developers troubleshoot problems, track system health, and identify potential security threats. That makes them a crucial tool in spotting and tackling cyberattacks.
Via TechCrunch