Back

Microsoft Resolves MFA Setup Outage Affecting Users

Severity: Low (Score: 27.8)

Sources: www.wiz.io, Cybersecuritynews, Bleepingcomputer

Published: 2026-06-01 · Updated: 2026-06-01

Keywords: microsoft, affecting, multi-factor, authentication, investigating, confirms, outage

Severity indicators: outage

Summary

On June 1, 2026, Microsoft confirmed an outage impacting users' ability to set up multi-factor authentication (MFA) and access the My Sign-Ins platform. The issue was acknowledged around 5 AM ET, with affected users experiencing 504 Gateway Timeout errors. Microsoft implemented mitigation measures, including switching to alternative infrastructure, to address the problem. The outage was attributed to a recent cache configuration change that led to high CPU and memory utilization during peak EU traffic. By 8:41 AM ET, Microsoft reported that access to the My Sign-Ins service was restored, and the incident was classified as resolved. This incident follows earlier service disruptions affecting Microsoft Teams and Outlook.com earlier in the year. Key Points: • Microsoft experienced a significant outage affecting MFA setup and My Sign-Ins access. • Users encountered 504 Gateway Timeout errors during the incident. • The issue was resolved within hours, attributed to a cache configuration change.

Detailed Analysis

**Impact** Users attempting to set up multi-factor authentication (MFA) or access the My Sign-Ins portal at mysignins.microsoft.com experienced service disruption, receiving 504 Gateway Timeout errors. The outage was global in scope, with peak impact noted in the EU region due to traffic surges. This affected Microsoft 365 customers relying on MFA for secure authentication, potentially delaying security enhancements and access management. No data breach or loss was reported. **Technical Details** The incident was caused by a recent cache configuration change that required a failover to alternate infrastructure, which led to high CPU and memory utilization during peak EU traffic. This prevented the My Sign-Ins service from processing requests, resulting in 504 Gateway Timeout errors. No evidence of malware, exploitation of CVEs, or attacker involvement was reported. The issue was linked to infrastructure failover and service processing optimization stages. **Recommended Response** Defenders should monitor Microsoft 365 service health dashboards and telemetry for any recurring MFA or My Sign-Ins access issues. No patches or malware detections are applicable as this was an infrastructure configuration incident. Organizations should verify MFA setup functionality post-incident and ensure alternative authentication methods are available during outages. Maintain vigilance for any new Microsoft advisories related to this service.

Source articles (4)

  • Microsoft Investigates MFA Setup Failure and MySigns — Cybersecuritynews · 2026-06-01
    Microsoft is currently investigating a service disruption affecting users attempting to set up multi-factor authentication (MFA) or access the self-service sign-in portal at mysignins.microsoft.com. T…
  • Microsoft confirms outage affecting MFA, My Sign — Bleepingcomputer · 2026-06-01
    Microsoft is working to address an ongoing incident preventing customers from setting up multi-factor authentication (MFA) or accessing the My Sign-Ins platform. "We're investigating an issue where so…
  • Microsoft fixes outage affecting MFA setup, MySignIn service — Bleepingcomputer · 2026-06-01
    Microsoft has addressed an ongoing incident preventing customers from setting up multi-factor authentication (MFA) or accessing the My Sign-Ins platform. "We're investigating an issue where some users…
  • Mcp Prompt Playbook For Soc Teams — www.wiz.io · 2026-06-01
    SOC Managers and Security Analysts looking to scale triage capabilities and slash investigation times without losing operational control. Security Architects and Engineers deploying agentic AI workflo…

Timeline

  • 2025-06-13 — CVE-2025-49596 published: Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
  • 2026-06-01 — Outage confirmed affecting MFA and My Sign-Ins: Microsoft acknowledged an outage preventing users from setting up MFA and accessing the My Sign-Ins platform, with 504 Gateway Timeout errors reported.
  • 2026-06-01 — Mitigation actions initiated: Microsoft switched to alternative infrastructure to mitigate the impact of the outage and began monitoring service health.
  • 2026-06-01 — Access restored to My Sign-Ins service: By 8:41 AM ET, Microsoft announced that access to the My Sign-Ins service was restored after addressing the cache configuration issue.

CVEs

  • CVE-2025-49596

Related entities

  • Microsoft (Company)
  • outlook.com (Domain)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed