Microsoft has revealed the service outage which affected some of its apps and features on Tuesday was sparked by an attempted cyber attack.
The US technology firm said initial problems on its Azure cloud platform had been triggered by a distributed denial-of-service (DDoS) attack, where bad actors try and knock a platform offline by flooding it with traffic until it can no longer cope.
The issue has been resolved, Microsoft said, but the company confirmed its initial investigations had found that an error in the rollout of its own defences to prevent the attack “amplified the impact of the attack rather than mitigating it”.
In an update posted to its Azure status website, Microsoft said an “unexpected usage spike” had caused performance issues on parts of its Azure platform, for which the company said the “initial trigger event” had been the DDoS attack that “activated our DDoS protection mechanisms”, but these protections had initially made things worse, before the firm made “network configuration changes” to relieve and eventually help solve the issue.
The incident on Tuesday saw thousands of users report issues accessing a range of Microsoft services, with service status website DownDetector reporting user-flagged issues with Microsoft Teams, Xbox Live and other services.
Other websites were also affected, with banking giant NatWest apologising to customers whom it said had been unable to access some of its webpages, while Oxford United Football Club posted to X to confirm the issue was preventing online members from accessing online ticketing and club shop services.
The incident came less than two weeks after a major IT outage knocked global infrastructure including transport and healthcare services offline because a flawed software update from cybersecurity firm CrowdStrike affected Microsoft devices.
