Microsoft Loses Critical Security Logs, Raising Concerns Over Cloud Security

Microsoft has admitted to a significant lapse in its cloud security logging, leaving customers vulnerable to undetected intrusions for over two weeks. A bug in the company’s internal monitoring system resulted in the loss of critical security logs between September 2nd and 19th.

This incident affects several key Microsoft cloud products, including Entra, Sentinel, Defender for Cloud, and Purview. These logs are essential for tracking user activity, identifying suspicious behavior, and detecting potential cyberattacks. Without them, network defenders are left with a significant blind spot, making it challenging to identify any breaches that may have occurred during this period.

While Microsoft claims the outage was not caused by a security incident, the timing raises eyebrows. This news comes just a year after the company faced criticism for withholding security logs from certain U.S. government agencies, hindering their ability to detect a series of China-backed intrusions.

In response to the 2023 incident, Microsoft pledged to provide broader access to security logs. However, this recent logging failure highlights ongoing concerns about the transparency and reliability of Microsoft’s cloud security practices.

Microsoft has confirmed the issue and claims to have mitigated it. The company is also reaching out to affected customers and offering support. However, the lost logs remain unrecoverable, leaving a potential gap in security for an unknown number of users. This incident serves as a reminder of the importance of robust security logging and the potential consequences when these systems fail.




