1. Millions of users affected
This issue has affected millions of users, causing particularly serious consequences in sectors such as aviation, telecommunications, and banking.
The cause of this has been traced to an update from CrowdStrike, a cybersecurity platform providing security solutions for Windows computers.
CrowdStrike, the cybersecurity company, stated that the incident was not due to a security flaw or cyberattack but originated from a faulty update from Windows.
"The incident occurred when we deployed a faulty update to computers running Microsoft Windows," the company said.
According to several news sources, long queues formed at airports in the United States, Europe, and Asia as airlines lost access to check-in and booking services precisely when many travelers were heading out for summer vacations.
News outlets in Australia, where telecommunications were severely affected, ceased broadcasting for several hours. Hospitals and doctor's offices experienced issues with appointment scheduling, while banks in South Africa and New Zealand reported disruptions to their payment systems or websites and apps.
Some athletes and spectators heading to Paris (France) ahead of the Olympics experienced delays, although the organizers reassured that these disruptions were limited and did not affect ticket sales or the torch relay.
DownDetector, a company monitoring internet service disruptions reported disruptions affecting airlines, payment platforms, and online shopping websites worldwide.
Cybersecurity expert James Bore commented that the incident would cause significant harm, such as hospitals struggling to manage appointments and patients potentially not receiving timely care from doctors.
"Unfortunately, fatalities are inevitable," James said.
Microsoft 365 posted on social media X that the company is redirecting affected traffic to alternate systems to minimize impact.
CrowdStrike's CEO, George Kurtz, posted on X: "CrowdStrike is actively working with customers affected by a flaw found in a single Windows server update. Mac and Linux servers were not affected. This is not a security incident or cyberattack. The issue has been identified, isolated, and a patch has been deployed."
"We are directing customers to support portals for the latest updates and will continue to provide comprehensive and continuous information on our website. Additionally, we recommend organizations ensure they are contacting CrowdStrike representatives through official channels. Our team is fully mobilized to ensure security and stability for CrowdStrike customers."
The company's Nasdaq stock trading from its Austin, Texas headquarters dropped nearly 15% in pre-market trading on Friday morning.
A recorded message on the company's customer service line stated that CrowdStrike was aware of reports of issues on Microsoft's portals related to Falcon sensors – referring to one of the company's products used to block online attacks.
2. Global Efforts to Respond
Meanwhile, governments, officials, and companies worldwide are making efforts to respond.
New Zealand Prime Minister David Seymour stated on social media X that domestic officials are acting swiftly to understand potential impacts, adding that he had no information suggesting this posed a cybersecurity threat.
On the morning of July 19th, significant flight delays were reported at airports, largely due to issues with individual airlines' booking systems.
In the United States, the Federal Aviation Administration (FAA) reported that airlines such as United, American, Delta, and Allegiant had ceased operations. Airlines and railways in the UK were also affected.
For athletes and spectators arriving from around the world to Paris for the Olympics, the city's airport management agency stated their computer systems were unaffected, but airline disruptions caused delays at the capital's two major airports.
In Germany, Berlin-Brandenburg Airport halted flights for several hours due to difficulties in passenger processing, while landing at Zurich Airport was suspended and flights in Hungary, Italy, and Turkey were disrupted. KLM Airlines of the Netherlands stated they had been forced to suspend most operations.
Widespread issues were reported at Australian airports, where long passenger queues formed and some were stranded due to disabled online check-in services and self-service kiosks, although flights continued to operate.
In India, Hong Kong, and Thailand, airlines were forced to manually check in passengers.
While power outages were occurring worldwide, Australia seemed particularly affected by this issue. Disruptions reported on the DownDetector website included NAB, Commonwealth, and Bendigo banks, and airlines Virgin Australia and Qantas, as well as internet and phone providers like Telstra.
National news channels including public broadcaster ABC and Sky News Australia were unable to broadcast on their television and radio channels for several hours. Some news presenters appeared online from darkened offices in front of computers displaying "Blue Screen of Death".
Hospitals in several countries also reported consequences. The UK's National Health Service (NHS) said Blue Screen incidents had caused disruptions at most doctor's offices nationwide. NHS England stated in a statement that it affected the electronic health record and appointment systems used across the public healthcare system.
Some hospitals in northern Germany canceled all scheduled surgeries on Friday, fortunately emergency services were not affected. Israel reported disruptions to its hospitals and postal services.