Slashdot: Microsoft Says It Lost Weeks of Security Logs For Its Customers’ Cloud Products

Source URL: https://it.slashdot.org/story/24/10/19/0114211/microsoft-says-it-lost-weeks-of-security-logs-for-its-customers-cloud-products?utm_source=rss1.0mainlinkanon&utm_medium=feed
Source: Slashdot

Summary: Microsoft has suffered a significant logging outage across its cloud products, which lasted for over two weeks, impacting critical security data for customers. This incident raises concerns about cloud security and the implications of missing log data for network defenders tasked with detecting intrusions.

Detailed Description:
– Microsoft informed its cloud product customers that a bug in an internal monitoring agent caused security logs to fail to upload from September 2 to September 19, a period of more than two weeks.
– The company assured customers that this outage was not related to any security incident but only impacted the logging of events, which is crucial for identifying possible unauthorized access.
– Business Insider highlighted that the notification about this issue was not shared broadly, suggesting that it may be available only to a limited audience with tenant admin rights.
– Security researchers note that the absence of logging makes it significantly harder for network defenders to track events like sign-ins and failed attempts to log in, which are pivotal for spotting suspicious activities or potential breaches during the period of missing data.

Key Points:
– **Logging Outage Duration**: Over two weeks.
– **Dates Affected**: September 2 – September 19.
– **Root Cause**: Bug in an internal monitoring agent.
– **Nature of the Incident**: Not a security breach, but a significant lapse in log data collection.
– **Effects**: Hinders the ability of network defenders to monitor and trace unauthorized access or potential intrusions.

Overall, this incident highlights the critical importance of maintaining robust logging mechanisms in cloud environments for security and compliance, emphasizing the need for vigilance even in non-breach scenarios.