diff --git a/pkg/awsutils/awsutils.go b/pkg/awsutils/awsutils.go
index 2d9822b15b..7de5533c35 100644
--- a/pkg/awsutils/awsutils.go
+++ b/pkg/awsutils/awsutils.go
@@ -1325,7 +1325,7 @@ func (cache *EC2InstanceMetadataCache) tagENIcreateTS(eniID string, maxBackoffDe
 		awsAPILatency.WithLabelValues("CreateTags", fmt.Sprint(err != nil)).Observe(msSince(start))
 		if err != nil {
 			awsAPIErrInc("CreateTags", err)
-			log.Warnf("Failed to tag the newly created ENI %s:", eniID)
+			log.Warnf("Failed to add tag to ENI %s: %v", eniID, err)
 			return err
 		}
 		log.Debugf("Successfully tagged ENI: %s", eniID)
@@ -1371,15 +1371,18 @@ func (cache *EC2InstanceMetadataCache) getFilteredListOfNetworkInterfaces() ([]*
 		if value, ok := tags[eniCreatedAtTagKey]; ok {
 			parsedTime, err := time.Parse(time.RFC3339, value)
 			if err != nil {
-
+				log.Warnf("ParsedTime format %s is wrong so retagging with current TS", parsedTime)
+				cache.tagENIcreateTS(aws.StringValue(networkInterface.NetworkInterfaceId), maxENIBackoffDelay)
 			}
 			if time.Since(parsedTime) < (5 * time.Minute) {
-				log.Infof("Found ENI created less than 5 mins so not cleaning up")
+				log.Infof("Found an ENI created less than 5 mins so not cleaning it up")
 				continue
 			}
 			log.Debugf("%v", value)
 		} else {
-			//Set time if we didn't have one. This is to catch the v1.5.x or earlier CNI versions.
+			/* Set a time if we didn't find one. This is to prevent accidentally deleting ENIs that are in the
+			 * process of being attached by CNI versions v1.5.x or earlier.
+			 */
 			cache.tagENIcreateTS(aws.StringValue(networkInterface.NetworkInterfaceId), maxENIBackoffDelay)
 			continue
 		}