A faulty software update caused global technological chaos on Friday, grounding flights, disrupting financial companies and news outlets, and affecting hospitals, small businesses, and government offices.
 |
| Microsoft headquarters in Redmond, Washington. DAVID RYDER/GETTY IMAGES |
The widespread outages underscored the vulnerability of a digitized world reliant on a few key providers for essential computing services.
The problem originated from an update issued by cybersecurity firm CrowdStrike, impacting only its customers using Microsoft Windows, the world's most popular operating system for personal computers. CrowdStrike clarified that the issue was not due to hacking or a cyberattack and apologized, stating that a fix was forthcoming.
Businesses and governments worldwide faced hours-long disruptions, their computer monitors displaying blue error messages, as they scrambled to manage the fallout. CrowdStrike’s CEO mentioned that some systems would need time-consuming manual fixes.
Thousands of flights were canceled, and tens of thousands were delayed, causing long lines at airports across the U.S., Europe, Asia, and Latin America. Airlines lost access to check-in and booking services during the peak of the summer travel season. By late afternoon Eastern time, the worst seemed to be over, though there were still lingering cancellations and delays due to the cascading effects of the disruption.
Several local TV stations in the U.S. were unable to air the news early Friday, and some state and local governments reported issues at courts, motor vehicle departments, unemployment agencies, emergency call centers, and other offices. However, as the day progressed, many systems were returning to normal.
Affected hospitals faced issues with appointment systems, forcing them to suspend patient visits and cancel some surgeries.
Alison Baulos shared that her 73-year-old father’s heart surgery in Paducah, Kentucky, was canceled due to the tech outage, leaving her family scared and worried.
“It really makes you realize how much we rely on technology and how scary it is,” Baulos said in an interview. Her father was waiting at Baptist Hospital to find out what would happen next. A phone message left with the hospital was not immediately returned.
American Express reported temporary difficulties processing transactions, while TD Bank responded to online complaints, stating it was working to restore customers’ ability to access their accounts.
Elsewhere, people faced minor inconveniences, such as trouble ordering ahead at Starbucks, resulting in long lines at some of the coffee chain’s stores.
In New York City’s Times Square, just before 12:30 a.m., blue “recovery” screens appeared on several giant electronic billboards. A few were still dark Friday afternoon.
Cyber expert James Bore warned of significant repercussions. “All of these systems are running the same software,” Bore said. “We’ve made these tools so widespread that when things inevitably go wrong — and they will, as we’ve seen — they go wrong on a huge scale.”
Claudia Plattner, head of Germany’s IT security agency, stated, “we can’t expect a very quick solution.” Predicting when all systems will be fully operational is challenging, but “it won’t be hours,” she added.
CrowdStrike mentioned on its customer service line that the problem was linked to “the Falcon sensor,” a product used to block online attacks. The company claims to have 29,000 customers.
In an interview on NBC’s Today show, CrowdStrike CEO George Kurtz apologized, expressing that the company was “deeply sorry for the impact caused to customers, travelers, and anyone affected, including our companies.”
“We know what the issue is” and are working to resolve it, Kurtz said. However, he acknowledged it could take “some time” for certain customers, particularly those without in-house expertise.
While CrowdStrike’s update was automated, the fix demands manual efforts, such as deleting corrupted files, which could take some customers days or longer, noted Forrester analyst Allie Mellen.
“Given that CrowdStrike has a vast customer base, including numerous Fortune 500 companies, and likely millions of (computers) under management, this issue is substantial,” Mellen said. “It’s going to be a lengthy and challenging process.”
Ann Johnson, corporate vice president and deputy chief information security officer at Microsoft, said late Friday afternoon that “at this point, customers are receiving or have received the necessary information and support they need, recognizing it’s a significant issue.”
She emphasized that Microsoft’s main priority is restoring customer functionality, though she couldn't estimate how long this might take.
In Alaska, the state’s court system returned to functionality after repairs that took 12 hours to complete, according to spokesperson Rebecca Kofort. In Iowa, Gov. Kim Reynolds reported that the state’s critical technology systems were operational again by mid-afternoon.
CrowdStrike, based in Austin, Texas, saw its shares fall more than 11 percent by the end of Friday trading, while Microsoft’s stock price dipped less than 1 percent.
Despite the widespread impact, forecasting firm Capital Economics suggested the outage would likely have minimal impact on the global economy.
Cybersecurity experts have advised that those affected by the outage should be cautious of bad actors exploiting the situation by offering false assistance. "Attackers will definitely prey on organizations as a result of this," warned Gartner analyst Eric Grenier.
In a letter to customers posted on CrowdStrike’s website, CEO George Kurtz assured that the outage did not impact its Falcon systems or its security scanning capabilities.
Most airlines cited issues with their booking systems as the cause of the disruptions. In the U.S. alone, thousands of flights were affected, though by late morning on the East Coast, airlines began mitigating problems and resuming some services. However, clearing the backlog takes time.
At Minneapolis-Saint Paul International Airport, Sarah Schafer experienced a significant delay en route to her cousin’s 50th birthday party in Florida. She had been waiting for almost three hours with no indication of when her flight would be rebooked. "I seem calm," said Schafer, who was using a cane due to an ankle injury, "but my angry side might come out."
Airlines and railways in the U.K. faced long wait times, and airports across Europe suspended landings or halted takeoffs for several hours due to check-in difficulties.
Saskia Oettinghaus, a member of the German Olympic diving team, was among those stranded at Berlin Airport. "We are on our way to Paris for the Olympic Games and now we are at a standstill here for the time being," Oettinghaus said.
In Cancun, Mexico, the main tourist destination on the Caribbean coast, the state government reported 24 cancellations and 100 delayed flights. Some travelers tried to lighten the long waits by singing the traditional Mexican song, "Cielito Lindo," while a band that was also stranded played music at the Cancun airport.
In Australia, national news outlets, including ABC and Sky News Australia, faced hours of broadcasting interruptions. Some news anchors went on-air from dark offices with computers showing blue error screens.
In the U.S., KSHB-TV in Kansas City, Missouri, aired Scripps News instead of local news until about 5:35 a.m. Other local stations owned by Scripps reported similar issues, but Scripps spokesman Michael Perry noted that 90% of stations were able to air local news by early Friday.
Hospitals across different countries experienced problems. Britain's National Health Service reported that the outage affected appointment and patient-record systems at most doctors' offices. At Mass General Brigham, Massachusetts's largest health care system, all non-urgent surgeries, procedures, and medical visits scheduled for Friday were canceled due to the outage.
International shipping was also disrupted. A major container hub in the Baltic port of Gdansk, Poland, encountered problems. At the twin ports of Los Angeles and Long Beach, marine terminals were affected, although the outage didn't cause significant disruptions.
