Another large scale power outage for Microsoft products occurred 30 July 2024, only two weeks after the CrowdStrike incident on 19 July which I talked about here. It effected Microsoft’s Azure cloud platform.

This time, it appears to have been a result of a cyber-attack. Microsoft confirmed in a statement issued yesterday that whilst the initial trigger event was a Distributed Denial-of-Service (DDoS) attack, their “initial investigations suggest that an error in the implementation of our defenses amplified the impact of the attack rather than mitigating it”.

A DDoS attack is a malicious attack which aims to disrupt a target service, server or network, by overwhelming it with a flood of internet traffic.

The company will be issuing a post incident report in the next couple of days, but in the meantime, there will be mounting concerns about the prospect of more litigation, regulatory scrutiny and reputational damage.