Cloud-based Microsoft applications, including Microsoft Teams, went down across a swathe of the U.S. yesterday.
Users of Microsoft Office 365, Outlook, Exchange, Sharepoint, OneDrive and Azure also reported they were unable to login. Instead, they were presented with a “transient error” message informing them there was a problem signing them in.
These issues appear to have started at around 5 p.m. ET, with services not returning to normal for many until 10 p.m. ET.
Indicative of the times we live in, whenever such an outage impacts so many people, the question of whether it’s an ongoing cyber-attack is front and center.
However, there is no evidence this was the case last night. So what did happen to take down access to Microsoft Teams, with work from home users taking to Twitter to complain of being unable to work, not to mention Office 365 and other cloud-based service disruption?
As was the case in June, when mobile calls and text messaging went down for many in the U.S. and August, when global internet traffic to major sites was disrupted, the cause could be much more mundane than a coordinated cyber-attack.
The first clue came when a Microsoft 365 Status message posted to Twitter revealed that Microsoft had “identified a recent change that appears to be the cause of the issue,” and said this was being rolled back to mitigate the impact.
However, soon after, another tweet poured cold water on that as it confirmed that Microsoft was “not observing an increase in successful connections” as a result of the rollback.
Two hours later, after rerouting traffic to “alternative infrastructure,” Microsoft reported improvements in multiple services.
Wait a moment, does that mean it could have been a massive, and somewhat audacious, distributed denial of service (DDoS) attack after all? Not according to a statement from a Microsoft spokesperson given to CNN Business: “we’ve seen no indication that this is the result of malicious activity.”
Another Microsoft status update message pointed to “a specific portion of our infrastructure” that was not processing authentication requests as expected.
According to some reports, this was a “code issue” that prevented the processing of those authentication requests “in a timely fashion.”
This remains a developing story as far as cause, rather than effect, is concerned. I have reached out to Microsoft for a statement regarding exactly what went wrong with the authentication process and will update this article once I have that clarification.