Cyber Security News

Microsoft Warns of MFA Issue Affecting Microsoft 365 users

Microsoft has issued a warning regarding an ongoing issue with Multi-Factor Authentication (MFA) that is impacting some Microsoft 365 (M365) users.

The problem, which surfaced earlier today, is preventing affected users from accessing certain M365 applications, raising concerns for businesses and individuals who rely on these services for essential operations.

Microsoft flagged the issue via its official MSFT365 Status account on X stating:
“We’re investigating an issue in which Multi-Factor Authentication (MFA) may prevent users from accessing some Microsoft 365 (M365) Apps. We’ve redirected affected traffic and service availability is improving.”

The post further advised administrators to refer to incident ID OP978247 within the Microsoft admin center for detailed updates and support.

Microsoft Warns of MFA Issue

Multi-factor authentication has become a cornerstone of digital security, requiring users to verify their identities with an additional layer of authentication, such as a text message, phone call, or app verification, after entering their password.

Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free

However, the current issue appears to be causing disruptions in this critical step, thereby restricting access to apps like Outlook, Teams, SharePoint, and others under the M365 umbrella.

While the exact cause of the problem has not yet been disclosed, Microsoft revealed that traffic redirection efforts are underway, and initial signs of service improvement have been observed.

The outage is likely to create challenges for organizations that depend heavily on M365 services for day-to-day communication, collaboration, and workflows.

Users attempting to log in with MFA-enabled accounts may find themselves locked out, potentially disrupting meetings, emails, and document sharing.

For IT administrators, the situation adds pressure as they navigate workarounds to keep their teams connected while keeping security protocols intact.

Businesses handling sensitive data may be especially cautious during this period, as MFA is a critical safeguard against unauthorized access.

Microsoft has assured its users that it is actively investigating the issue and is working on mitigating its impact. The company advises affected users to monitor the Microsoft 365 admin center for the latest updates on OP978247.

Microsoft’s prompt response, including traffic redirection, has reportedly improved the availability of certain services, though users are encouraged to plan for potential delays while Microsoft resolves the issue completely.

Find this News Interesting! Follow us on Google NewsLinkedIn, and X to Get Instant Updates!

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

Critical Chrome Flaw Allows Attackers to Remotely Execute Code

Google has released an urgent update for its Chrome browser to address a critical security…

2 hours ago

Global IoT Data Leak Exposes 2.7 Billion Records and Wi-Fi Passwords Worldwide

A massive security lapse has exposed over 2.7 billion records, including sensitive Wi-Fi credentials, device…

2 hours ago

Palo Alto PAN-OS Zero-Day Flaw Allows Attackers to Bypass Web Interface Authentication

Palo Alto Networks has disclosed a zero-day vulnerability in its PAN-OS software (CVE-2025-0108), allowing attackers…

3 hours ago

Enhancing Threat Detection With Improved Metadata & MITRE ATT&CK tags

The cybersecurity landscape continues to evolve rapidly, demanding more sophisticated tools and methodologies to combat…

17 hours ago

Hackers Exploit Ivanti Connect Secure Vulnerability to Inject SPAWNCHIMERA malware

In a concerning development, cybersecurity experts have identified active exploitation of a critical vulnerability in…

17 hours ago

ZeroLogon Ransomware Exploits Windows AD to Hijack Domain Controller Access

A newly intensified wave of ransomware attacks has surfaced, leveraging the infamous ZeroLogon vulnerability (CVE-2020-1472)…

17 hours ago