Last Updated: July 19, 2024 at 3:01 p.m. ETFirst Published: July 19, 2024 at 3:46 a.m. ET
Barbara Kollmeyer, Ciara Linnane, James Rogers,
CrowdStrike shares plunge after software update affects Microsoft’s operating system
Major airlines grounded flights, airport operations were snarled and companies globally were experiencing computer outages caused by a CrowdStrike cybersecurity platform issue on Friday.
Companies were gradually rolling out updates to fix the problem, which CrowdStrike blamed on an errant update rather than a security breach or hack.
American Airlines Group Inc. AAL, -0.38%, Delta Air Lines Inc. DAL, +1.16% and United Airlines Holdings Inc. UAL, +3.32% had to ground flights, and although financial markets were operating, the feed the London Stock Exchange uses to disseminate company announcements was down for several hours.
Advertisement
Major hospitals were also scrambling to respond. Mass General Brigham in Boston said that all previously scheduled nonurgent surgeries, procedures and medical visits were canceled Friday, although the hospital remains open for patients with urgent health issues.
Main Line Health, which has several hospitals in the Philadelphia region, said it is experiencing issues with clinical and nonclinical applications and that elective surgical procedures were paused Friday morning.
At the University of Kentucky, hospitals and clinics are seeing disruptions due to CrowdStrike issues, and the IT team is working to restore servers and workstations throughout the system and to “prioritize the needs of our most critical and complex patients,” a spokesperson told MarketWatch.
For more, read: Hospitals, 911 systems scramble to respond to CrowdStrike issues
Uncover New Horizons With Black Tomato
Access complimentary travel experiences when you book with Black Tomato. Included in your subscription through The Journal Collection.
President Joe Biden has been briefed on the outage and his administration is in touch with CrowdStrike and with affected entities, according to the White House.
“His team is engaged across the interagency to get sector-by-sector updates throughout the day and is standing by to provide assistance as needed,” a White House official said.
The president was also briefed on a drone attack carried out overnight in Tel Aviv.
The latest cybersecurity update from CrowdStrike was putting computers using the Microsoft Windows MSFT, -0.74% operating system into a “blue screen” reboot loop. Systems using Apple Inc.’s Macintosh AAPL, +0.06% or Linux operating systems were not affected.
“CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts,” CEO George Kurtz said in a statement.
“Mac and Linux hosts are not impacted. This is not a security incident or cyberattack,” he said. “The issue has been identified, isolated and a fix has been deployed.”
Kurtz told NBC’s “Today” that the problem was caused by a bug in a single update. The company quickly identified the issue and remediated it, he said.
Kurtz was asked how a single faulty update could cause such widespread disruption and chaos.
“We have to go back and see what happened here,” he said, adding that it could be some time before systems are back to normal, because they will not “just automatically recover.”
The news rattled CrowdStrike’s stock CRWD, -11.10%, in what multiple analysts described as a black eye for the company.
Raj Joshi, senior vice president at Moody’s, said the incident would hurt CrowdStrike’s reputation, despite the company’s strong track record of innovation, market leadership, growth and customer-retention rates.
“The disruptions will also negatively impact operating performance, and there is a risk of large potential liability claims from customers that were affected by the outages,” Joshi said. “While this incident calls into question CrowdStrike’s software-engineering practices, it also underscores growing vulnerabilities in global cloud infrastructure from increasing points of failure.”
The CrowdStrike outage has also affected some applications and services at NASA, according to the space agency.
“NASA is assessing potential impacts to agency systems related to Microsoft partner CrowdStrike. So far, we have seen some impact to various Microsoft 365 apps and services,” a NASA spokesperson told MarketWatch.
“Currently, there are no impacts to operations or communications for the International Space Station,” the spokesperson added. “We are continuing to monitor the situation.”
CrowdStrike’s stock was last down 11% as the fix was being implemented, after falling more than 20% early in the day.
Microsoft shares MSFT, -0.74% slipped 0.7%.
Eleanor Laise contributed.