Microsoft Says It Lost Weeks of Security Logs For Its Customers' Cloud Products

Microsoft has informed its customers that it has lost over two weeks of security logs for some of its cloud products due to a bug in an internal monitoring agent. The logging outage occurred between September 2 and September 19, and it only affected the collection of log events, not caused by a security incident. The notification was first reported by Business Insider in October, but details have not been widely shared. Security researcher Kevin Beaumont noted that the notifications are likely only accessible to a small group of users with tenant admin rights. Logging is crucial for tracking events within a product, including user sign-ins and failed attempts, which helps network defenders identify potential intrusions. The missing logs could make it harder to detect unauthorized access to customers' networks during the two-week period. Microsoft's internal logging platform was affected by the malfunctioning agents. The company has not provided further details on the bug or how it plans to prevent such incidents in the future. The loss of security logs has raised concerns among customers about the reliability of Microsoft's cloud services.