Microsoft says it has lost 'weeks' worth of security logs for some products
Logs are an important tool in tackling cyberattacks
Microsoft has admitted it lost more than two weeks of security logs for some of its cloud products, raising potentially concerning security risks.
Microsoft reportedly users about the problem, saying the loss was not due to a security incident or an attack, but rather came as a result of a software flaw.
“A bug in one of Microsoft’s internal monitoring agents resulted in a malfunction in some of the agents when uploading log data to our internal logging platform,” Microsoft was cited saying. The malfunction took place between September 2 and September 19.
Entra, Sentinel, and others
Logs are important because they help IT teams keep track of possible intrusions and other cyberattacks, so not having this information for more than two weeks puts the users at risk.
As per the reports, the malfunction affected a couple of products: Microsoft Entra, Sentinel, Defender for Cloud, and Purview. Affected customers “may have experienced potential gaps in security related logs or events, possibly affecting customers’ ability to analyze data, detect threats, or generate security alerts,” the company said in the notification.
TechCrunch reached out to John Sheehan, a Microsoft corporate vice president, who did not share more details about the bug, but did say that Microsoft fixed it: “We have mitigated the issue by rolling back a service change. We have communicated to all impacted customers and will provide support as needed,” he told the publication.
Logs are records of events and actions generated by applications or systems. They are used for debugging issues, monitoring performance, and auditing security. By capturing information about the system's operation, logs help developers troubleshoot problems, track system health, and identify potential security threats. That makes them a crucial tool in spotting and tackling cyberattacks.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Via TechCrunch
More from TechRadar Pro
- The difference between no-logs and zero-logs VPNs – and why it matters
- Here's a list of the best firewalls today
- These are the best endpoint protection tools right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.