Microsoft says it has lost 'weeks' worth of security logs for some products

A building at the Microsoft Headquarters campus in Redmond, Washington (2014).
(Image credit: Stephen Brashear/Getty Images)

Microsoft has admitted it lost more than two weeks of security logs for some of its cloud products, raising potentially concerning security risks.

Microsoft reportedly users about the problem, saying the loss was not due to a security incident or an attack, but rather came as a result of a software flaw.

“A bug in one of Microsoft’s internal monitoring agents resulted in a malfunction in some of the agents when uploading log data to our internal logging platform,” Microsoft was cited saying. The malfunction took place between September 2 and September 19.

Entra, Sentinel, and others

Logs are important because they help IT teams keep track of possible intrusions and other cyberattacks, so not having this information for more than two weeks puts the users at risk.

As per the reports, the malfunction affected a couple of products: Microsoft Entra, Sentinel, Defender for Cloud, and Purview. Affected customers “may have experienced potential gaps in security related logs or events, possibly affecting customers’ ability to analyze data, detect threats, or generate security alerts,” the company said in the notification.

TechCrunch reached out to John Sheehan, a Microsoft corporate vice president, who did not share more details about the bug, but did say that Microsoft fixed it: “We have mitigated the issue by rolling back a service change. We have communicated to all impacted customers and will provide support as needed,” he told the publication.

Logs are records of events and actions generated by applications or systems. They are used for debugging issues, monitoring performance, and auditing security. By capturing information about the system's operation, logs help developers troubleshoot problems, track system health, and identify potential security threats. That makes them a crucial tool in spotting and tackling cyberattacks.

Via TechCrunch

More from TechRadar Pro

TOPICS

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.