Azure Outage History: Every Major Incident 2020–2026


Microsoft Azure has recorded 12 major multi-service outages since 2018, including three global incidents lasting eight hours or more. This page documents every major Azure outage from 2020 to 2026 — plus the 2018 South Central US incident that reshaped Microsoft's resiliency engineering — using Microsoft's own post-incident reviews and status history as the primary record. This page is maintained as a historical record and is updated after each major incident. For current incidents, see our live Azure status page.
Each entry lists the date, duration, services affected, geographic scope, and root cause as documented by Microsoft. Where Microsoft published only approximate durations, this page says so. The second half of the page analyzes the pattern behind the incidents: how often Azure goes down, which root causes recur, what the Azure SLA actually pays out, and how Azure's record compares with AWS and Google Cloud.
Table of Contents
How Often Does Azure Go Down?
Azure operates more than 60 regions, and small, localized service degradations happen weekly somewhere in the fleet. The incidents on this page are the ones that crossed a different threshold: multi-service or multi-region impact significant enough that Microsoft published a formal post-incident review. Counted that way, the frequency of major Azure incidents has stayed remarkably stable — roughly one to three per year — even as the platform's footprint has grown.
- 12 major Azure incidents are documented on this page between September 2018 and mid-2026, based on Microsoft's published post-incident reviews and Azure status history.
- By year, the count runs: one in 2020, three in 2021, three in 2023, three in 2024, and one in 2025 — with 2022 the only recent year without a global-scale incident in this record.
- Three incidents reached global scope with impact lasting about eight hours or more: the January 25, 2023 WAN outage, the July 30, 2024 Front Door incident, and the October 29, 2025 Front Door configuration outage.
- The longest regional incident in this record is the August 30, 2023 Australia East outage, where some customers experienced degraded storage and database availability for more than 24 hours after a utility voltage sag disabled datacenter chillers.
- Two of the twelve incidents — June 2023 and July 30, 2024 — involved distributed denial-of-service attacks, both later documented publicly by Microsoft.
Azure Outage Timeline: 2018–2021
The modern era of Azure incident history starts with the September 2018 South Central US outage, which remains the platform's most severe single-datacenter event and prompted Microsoft's multi-year investment in availability zones. The 2020–2021 incidents that followed were different in kind: identity-plane and DNS failures that were shorter but global, because every Azure and Microsoft 365 sign-in depends on the same authentication backbone. That coupling is why the Microsoft 365 outage history overlaps so heavily with this page.
| Date | Duration | Services affected | Scope | Root cause |
|---|---|---|---|---|
| Sep 4, 2018 | About 1–3 days (varied by service) | Storage, VMs, Visual Studio Team Services, dependent Azure and Office 365 services | South Central US region, with knock-on global effects | Lightning strike near the San Antonio datacenter caused a voltage swell that damaged cooling; hardware shut down to protect data |
| Sep 28, 2020 | About 5 hours | Azure Active Directory sign-ins; Microsoft 365, Teams, Azure portal access | Global (Americas most affected) | A service update to Azure AD introduced a code defect; rollback was slowed by a latent defect in the safe-deployment tooling |
| Mar 15, 2021 | About 2 hours (residual effects longer) | Azure Active Directory authentication; Teams, Office, Azure portal, Dynamics | Global | An error during a cryptographic key rotation left a key removed while still in use, causing sign-in failures |
| Apr 1, 2021 | About 1 hour | Azure DNS; name resolution for Azure services and customer domains | Global | An anomalous surge in DNS queries exposed a code defect in the DNS service's volumetric-spike defenses |
| Oct 2021 | About 1–2 hours (intermittent) | DNS resolution affecting multiple Azure services and dependent workloads | Multi-region | DNS-layer issues; documented in Azure status history with narrower impact than the April event |
- The September 4, 2018 South Central US outage began with a lightning strike during a severe thunderstorm in San Antonio; the resulting voltage swell damaged the datacenter's cooling systems and forced automated hardware shutdowns to protect customer data (Microsoft root cause analysis).
- Recovery from the 2018 incident took about one to three days depending on the service, because storage hardware had to be inspected and repaired before data could be brought back online — Microsoft prioritized data integrity over recovery speed.
- The September 28, 2020 Azure AD outage blocked sign-ins for about five hours, and Microsoft's post-incident review attributed the extended duration to a defect in the rollback tooling itself.
- The March 15, 2021 authentication outage was caused by an error in an automated key rotation: a signing key was marked for removal while still in use, invalidating tokens globally for about two hours, with some services taking longer to fully recover.
- The April 1, 2021 DNS incident lasted about one hour, and Microsoft's review found that a surge of DNS queries triggered a code defect in the platform's own spike-mitigation logic — the defense amplified the problem it was built to absorb.
- After the 2021 identity incidents, Microsoft raised the Azure Active Directory SLA to 99.99% effective April 2021, one of the few times a major cloud provider has tightened an SLA in direct response to outage history.
Azure Outage Timeline: 2023
2023 produced Azure's most instructive year of incidents: one global network failure from a single configuration change, one sustained attack campaign, and one physical-infrastructure failure. Three incidents, three entirely different failure modes.
| Date | Duration | Services affected | Scope | Root cause |
|---|---|---|---|---|
| Jan 25, 2023 | About 2–5 hours (varied by service and region) | Azure networking, Microsoft 365, Teams, Outlook, Azure portal | Global | A router configuration change on Microsoft's wide-area network propagated incorrectly, disrupting connectivity between regions and to the internet |
| Early Jun 2023 | Intermittent over several days | Azure portal, Outlook on the web, OneDrive | Global (web front ends) | Layer 7 DDoS attacks by the actor Microsoft tracks as Storm-1359 (publicly known as Anonymous Sudan) |
| Aug 30, 2023 | More than 24 hours for some customers | Storage, SQL Database, Cosmos DB, VMs in the affected zone | Australia East region (Sydney) | A utility voltage sag disabled chillers in one availability zone; delayed manual restart led to thermal shutdowns of storage hardware |
- The January 25, 2023 outage was traced to a single WAN router configuration change: a command issued while adding a router to Microsoft's global network propagated changes across the WAN, breaking inter-region and internet connectivity (Microsoft post-incident review).
- Impact from the WAN incident lasted about two to five hours depending on service and region, and because Microsoft 365 rides the same backbone, Teams and Outlook failed worldwide alongside Azure workloads.
- Downdetector-style monitoring services logged report spikes from dozens of countries within minutes of the January 2023 WAN failure — a demonstration of how much global traffic converges on one private backbone.
- In June 2023, Microsoft confirmed that availability drops in the Azure portal, Outlook on the web, and OneDrive were caused by Layer 7 DDoS attacks from Storm-1359, the actor publicly known as Anonymous Sudan (Microsoft Security Response Center).
- The June 2023 attacks used HTTP(S) floods, cache bypass, and Slowloris techniques against web front ends rather than volumetric network floods — which is why they degraded portals while leaving most backend workloads running.
- The August 30, 2023 Australia East incident began with a utility voltage sag at 10:30 UTC that knocked out chillers in one availability zone; storage infrastructure shut down on thermal protection before cooling was restored.
- Microsoft's Australia East review acknowledged that night-shift staffing at the affected facility was insufficient to execute the manual chiller-restart procedure in time — a rare public admission that operational staffing contributed to outage duration.
Azure Outage Timeline: 2024–2025
The 2024–2025 window contains Azure's two most publicized incidents: the July 2024 pair that bracketed the CrowdStrike event, and the October 2025 Front Door outage that grounded airline check-in systems days after AWS suffered its own landmark failure. Businesses planning a move to the platform should read these entries alongside our guide to how long an Azure migration takes, because resilience decisions made during migration determine how much these events hurt.
| Date | Duration | Services affected | Scope | Root cause |
|---|---|---|---|---|
| Jul 18–19, 2024 | Several hours (some VM recovery longer) | Storage, Virtual Machines, Cosmos DB, App Service and dependent services | Central US region | A backend configuration/storage availability failure took storage partitions offline, causing VM restarts and connection failures |
| Jul 30, 2024 | About 8–10 hours (intermittent) | Azure Front Door, Azure portal, Microsoft 365 services, App Service front ends | Global | A DDoS attack triggered Azure's defenses, but an error in the defense implementation amplified rather than mitigated the impact |
| Nov 25, 2024 | Several hours (rolling recovery) | Microsoft 365 services including Exchange Online and Teams calendars, with Azure-side dependencies | Partial / multi-service | A problematic change was rolled back after causing token and routing failures in dependent infrastructure |
| Oct 29, 2025 | About 8+ hours | Azure Front Door, Azure portal, Microsoft 365, Xbox/Minecraft services, customer sites behind Front Door | Global | An inadvertent configuration change in Azure Front Door; a defect allowed the invalid state to bypass safety validation and propagate globally |
- The July 18–19, 2024 Central US incident took storage partitions offline for several hours, forcing Virtual Machine restarts across the region — and it hit hours before the unrelated CrowdStrike Falcon update crashed roughly 8.5 million Windows devices, compounding a brutal 48 hours for IT teams.
- Because the two events overlapped, many organizations initially misattributed Central US Azure failures to CrowdStrike; Microsoft's status history records them as separate incidents with separate root causes.
- The July 30, 2024 global outage ran about eight to ten hours of intermittent failures, and Microsoft's review confirmed the trigger was a DDoS attack — with the impact amplified by an error in the implementation of Azure's own DDoS defenses.
- The July 30 incident centered on Azure Front Door, the global edge and load-balancing layer, which is why the blast radius included the Azure portal, Microsoft 365 front ends, and thousands of customer websites that route through the service.
- The October 29, 2025 outage began at about 16:00 UTC when an inadvertent tenant configuration change in Azure Front Door propagated globally after a software defect allowed it to bypass safety validation (Microsoft post-incident review).
- Recovery took about eight hours or more for full mitigation: Microsoft blocked further configuration changes, rolled back to a last-known-good state, and rebalanced traffic gradually to avoid overloading recovering nodes.
- The October 2025 incident disrupted Microsoft 365, Xbox and Minecraft services, airline check-in systems including Alaska Airlines, and major retailers — and it landed just nine days after the October 20, 2025 AWS us-east-1 outage, putting hyperscaler concentration risk on front pages twice in one month.
Root Causes Ranked
Across the twelve incidents in this record, the same handful of failure categories keep recurring. Ranked by frequency in Azure's major-incident history:
| Rank | Root cause category | Incidents in this record | Examples |
|---|---|---|---|
| 1 | Configuration and change errors | 5 | Jan 2023 WAN, Oct 2025 Front Door, Sep 2020 AAD, Mar 2021 key rotation, Nov 2024 |
| 2 | DNS failures | 2 | Apr 2021, Oct 2021 |
| 3 | DDoS attacks | 2 | Jun 2023 (Storm-1359), Jul 30 2024 |
| 4 | Power, cooling, and capacity | 3 | Sep 2018 lightning strike, Aug 2023 chiller failure, Jul 2024 Central US storage |
- Five of twelve major Azure incidents — 42% — trace to configuration or change-management errors, making bad changes the single largest cause of major Azure downtime, ahead of attacks, weather, and hardware combined.
- In three incidents — April 2021 DNS, July 2024 DDoS response, and October 2025 Front Door — Azure's own protection or validation mechanisms contributed to the failure, either by amplifying the trigger or by failing to catch an invalid state.
- This pattern matches industry-wide data: the Uptime Institute Annual Outage Analysis consistently finds that networking-related incidents are the most common cause of IT service outages, with configuration and change-management failure the leading contributor (Uptime Institute, 2024).
- Uptime Institute also reports that human error plays a role in roughly two-thirds to four-fifths of significant outages across the industry — usually because staff failed to follow procedures, or because the procedures themselves were flawed.
- Only one incident in this record was caused by weather (the 2018 lightning strike), and none by large-scale hardware failure alone — modern hyperscale outages are overwhelmingly software, network, and process events.
Azure SLA Structure and Outage Credits
Azure's service level agreements promise between 99.9% and 99.99% availability depending on the service and how it is deployed. The difference sounds small; over a year it is the difference between about 8.8 hours and 53 minutes of allowed downtime.
| Deployment | SLA | Allowed downtime/year | Source |
|---|---|---|---|
| VMs across 2+ availability zones | 99.99% | About 53 minutes | Microsoft Azure SLA |
| VMs in an availability set (same datacenter) | 99.95% | About 4.4 hours | Microsoft Azure SLA |
| Single VM with Premium SSD | 99.9% | About 8.8 hours | Microsoft Azure SLA |
| Azure Front Door | 99.99% | About 53 minutes | Microsoft Azure SLA |
| Microsoft Entra ID (Azure AD) | 99.99% | About 53 minutes | Microsoft Azure SLA |
- Azure's headline compute SLA is 99.99% for Virtual Machines deployed across two or more availability zones, dropping to 99.95% for availability sets and 99.9% for a single instance with Premium SSD storage (Microsoft Azure SLA documentation).
- A 99.9% SLA permits about 8 hours 46 minutes of downtime per year; 99.99% permits about 52 minutes 36 seconds. One incident on the scale of October 29, 2025 consumes a full year of 99.9% budget in a single day.
- Azure service credits are tiered: 10% of the monthly service fee when uptime falls below the SLA threshold, 25% below 99%, and 100% below 95% for most services — and credits apply only to the affected service's fees, not to business losses.
- Credits are not automatic for most services: customers generally must file a claim with support, typically within one to two billing months of the incident, with logs demonstrating the impact.
- The gap between credits and losses is wide: a customer paying $10,000/month for affected services would receive at most $1,000–$2,500 in credits for an outage that industry data (see below) suggests costs the median enterprise well over $100,000.
- Microsoft publishes formal post-incident reviews (PIRs) for major outages on the Azure status history page, typically within 14 days, with preliminary reviews inside 72 hours — the primary source record used throughout this page.
Azure vs AWS vs GCP Reliability
No hyperscaler is immune. Within a single 30-day window in late 2025, AWS, Azure, and (to a lesser degree) other platforms all suffered headline incidents. Independent monitoring firms such as ThousandEyes and status aggregators like StatusGator track cloud incidents continuously, though methodology differences mean cross-provider comparisons should be read as directional rather than precise. For adoption context behind these comparisons, see our cloud market share statistics.
- All three major clouds sustain aggregate availability above 99.9% across their service fleets in independent monitoring; the meaningful differences are in incident blast radius and recovery time, not headline uptime percentages (ThousandEyes internet and cloud intelligence reporting).
- The October 20, 2025 AWS us-east-1 outage — a DNS automation failure affecting DynamoDB and dozens of dependent services for roughly a working day — preceded Azure's October 29 Front Door incident by nine days; the pairing shows concentration risk is industry-wide, not vendor-specific.
- Google Cloud's largest recent event, the June 12, 2025 global outage, was caused by an invalid automated quota update to its API management layer — the same configuration-propagation failure class as Azure's January 2023 and October 2025 incidents.
- ThousandEyes outage tracking has historically counted more raw network-level outage events for AWS than Azure or GCP, largely reflecting AWS's larger footprint; per-service impact-hours paint a more even picture across the three providers.
- Azure's structural distinction is coupling: because Microsoft 365, Entra ID, and Azure share identity and edge infrastructure, Azure control-plane incidents frequently take down productivity services too — a blast-radius pattern AWS and GCP outages rarely replicate, and a recurring theme across this page and the Microsoft 365 outage history.
Architecting Around Single-Region Risk
The incident record points to concrete design guidance. Regional incidents (July 2024 Central US, August 2023 Australia East) are survivable with zone- and region-redundant architecture. Global control-plane incidents (January 2023, October 2025) are harder: when the WAN or the edge layer fails, multi-region deployments inside the same cloud fail together. Teams planning deployments — or moving workloads onto the platform through Azure migration services — can reduce exposure with a few consistent practices:
- Deploy across availability zones by default. Zone-redundant deployments carry the 99.99% VM SLA and would have ridden out the Australia East chiller failure, which was confined to one zone.
- Pair regions for failover. Regional storage incidents like Central US in July 2024 are the case for active-passive or active-active pairs with tested failover, not just replicated data.
- Keep a path around the global edge. Both Front Door incidents (July 2024, October 2025) took down customer sites that had no alternative ingress; organizations with a secondary traffic manager or DNS-level failover restored service hours earlier.
- Do not host your status page or runbooks solely on the platform they describe. During the January 2023 and October 2025 incidents, some customers could not reach the Azure portal to diagnose their own outage.
- Test the claim process. SLA credits require evidence; monitoring that independently timestamps your outage windows pays for itself in a single claim.
The engineering effort is not trivial, which is why many organizations bring in outside help to design landing zones with zone redundancy and failover built in from day one rather than retrofitting after their first incident. Structured Azure migration services engagements typically include this resilience design as part of the landing-zone phase.
What Downtime Costs
Outage cost data explains why this history matters commercially. The physical infrastructure behind these numbers — and its growth trajectory — is covered in our data center statistics.
- The Uptime Institute Annual Outage Analysis finds that a majority — 54% — of significant outages cost the affected organization more than $100,000, with 16% costing more than $1 million.
- ITIC's Hourly Cost of Downtime survey reports that more than 90% of mid-size and large enterprises put the cost of a single hour of downtime above $300,000, and 41% put it between $1 million and $5 million.
- Applied to the October 29, 2025 incident's roughly eight-hour window, ITIC's floor figure implies $2.4 million or more in losses for a typical affected enterprise — against a maximum SLA credit measured in thousands.
- Uptime Institute's trend data shows outage frequency relative to IT footprint is slowly declining, but the cost per outage keeps rising as more revenue-critical processes move onto cloud platforms.
- Uptime Institute also finds that third-party providers — cloud, hosting, and telecom — account for a growing share of significant outages, which is precisely why maintaining an incident record like this page, alongside a live status feed, has become standard operational practice.
Sources
This timeline is compiled from the following primary and industry sources:
- Microsoft Azure status history and post-incident reviews (PIRs), 2018–2026
- Microsoft root cause analysis: South Central US, September 2018
- Microsoft post-incident reviews: Azure AD (Sep 2020, Mar 2021), Azure DNS (Apr 2021), WAN (Jan 2023), Australia East (Aug 2023), Central US (Jul 2024), Azure Front Door (Jul 2024, Oct 2025)
- Microsoft Security Response Center: Response to Layer 7 DDoS attacks (Storm-1359), June 2023
- Microsoft Azure service level agreement documentation
- Uptime Institute Annual Outage Analysis (2023–2025 editions)
- ITIC Hourly Cost of Downtime Survey (2024)
- Cisco ThousandEyes internet and cloud intelligence reporting
This page is updated after each major Azure incident. Last updated: July 2026.
Protect your organization with expert healthcare IT support designed for HIPAA compliance.
Healthcare IT SolutionsTopics

Sreenivasa Reddy G
Founder & CEO • 15+ years
Sreenivasa Reddy is the Founder and CEO of Medha Cloud, recognized as "Startup of the Year 2024" by The CEO Magazine. With over 15 years of experience in cloud infrastructure and IT services, he leads the company's vision to deliver enterprise-grade cloud solutions to businesses worldwide.
More in Microsoft Azure
View all
Cloud Market Share 2026: AWS vs Azure vs Google Cloud
17 min read

N-able Pricing — N-central vs N-sight Per-Device Costs & Quote Strategy (2026)
7 min read

Azure Security Best Practices 2026: 35 Critical Controls Every Organization Must Implement
26 min read

Azure Cost Optimization Guide 2026: 20 Strategies to Cut Your Cloud Spend by 30-50%
24 min read

Microsoft Patches Severe Entra ID Bug That Could Let Hackers Impersonate Cloud Administrators
2 min read
Choosing the Right Azure/M365 Multi-Tenant Management Tools: Expert Guidance
4 min read