The incident highlights a significant vulnerability in global supply chains: the heavy reliance on a few software vendors by some of the world's most crucial industries. This dependency has been increasingly exploited by hackers targeting these vendors to disrupt entire sectors and governments.
Compounding the issue, Microsoft experienced an unrelated problem with its Azure cloud service on Thursday that lasted several hours. On Friday afternoon, the company announced via X that all Microsoft 365 apps and services had been restored.
By Friday morning in New York, many systems were coming back online. CrowdStrike’s Chief Executive Officer George Kurtz stated in a pre-6 a.m. post on X that the fault had been identified and fixed but required manually rebooting Windows machines multiple times.
Shares of CrowdStrike dropped 11% at 9:45 a.m. in New York trading, erasing approximately $7.4 billion from its market value. Earlier in the day, shares fell as much as 15%, marking the largest intraday decline since February. Microsoft shares remained relatively stable at $437.65.
Historical precedents for such outages include errors within Amazon.com Inc.’s cloud service in 2017 and issues at content delivery network Fastly in 2021 that affected multiple media networks including Bloomberg News.
However, none matched the scale of this outage which impacted airlines, banks, and healthcare systems globally.
“I don’t think it’s too early to call it: this will be the largest IT outage in history,” Troy Hunt, an Australian security consultant and creator of Have I Been Pwned said on social media platform X.
Airlines
Airport hubs from Berlin to Delhi faced delays, cancellations, and stranded passengers during a particularly busy travel day. FlightAware reported over 21,000 delayed flights globally.
United Airlines Holdings Inc., Delta Air Lines Inc., American Airlines Group Inc., and Spirit Airlines Inc., among others temporarily grounded flights but began resuming operations on Friday according to the Federal Aviation Administration.
Finance
The London Stock Exchange Group resolved an issue preventing news publication via RNS on its website—a service used by publicly traded companies for regulatory announcements.
Banks including JPMorgan Chase & Co., Nomura Holdings Inc., Bank of America Corp., and Haitong Securities Co., reverted to backup systems or experienced downtime during part of Friday's trading hours.
Health
Critical infrastructure was also affected with disruptions impacting emergency services globally.
Doctors at the UK’s National Health Service could not access essential medical records including scans and blood tests. Memorial Sloan Kettering Cancer Center in New York and Boston-based Mass General Brigham reported patient care disruptions due to the CrowdStrike issue while hospitals across Europe closed clinics or canceled procedures.
New York’s 911 emergency system was impacted though state officials indicated ongoing fixes without specifying full restoration timelines. New Hampshire's emergency services resumed after operators initially could see incoming calls but were unable to answer them.
___
©2024 Bloomberg L.P. Visit bloomberg.com Distributed by Tribune Content Agency LLC.