Outages were experienced worldwide, reflecting the wide use of Microsoft Windows and CrowdStrike software by global corporations in numerous business sectors. At the time of the incident, CrowdStrike said it had more than 24,000 customers, including nearly 60% of
Fortune 500 companies and more than half of the
Fortune 1000. On 20 July, Microsoft estimated that 8.5 million devices were affected by the update, which it said was less than one percent of all Windows devices. At 04:09 UTC on 19 July, the time when the faulty update was issued, it was the middle of the business day in Oceania and Asia, the early morning hours in Europe, and midnight in much of the Americas. Some countries were less affected. China, which has striven toward
self-sufficiency in IT, saw no impact on its daily services including airlines and banks, although some foreign branch companies and luxury hotels in the country were affected. Russia and Iran—both restricted by international sanctions from using the services of American high-tech companies—reported no disruptions. Cyber risk quantification company Kovrr calculated that the total cost to the UK economy will likely fall between £1.7 and £2.3 billion ($2.18 and $2.96 billion). Specialist cloud outage insurance firm Parametrix estimated that the top 500 US companies by revenue, excluding Microsoft, had faced near $5.4bn (£4.1bn) in financial losses because of the outage, but only between $540m (£418m) to $1.08bn (£840m) of those losses would be insured.
CrowdStrike liability CrowdStrike's own
terms and conditions for their Falcon software limit
liability to "fees paid", effectively a refund. Larger customers may have negotiated different terms. In the EU, it is possible that CrowdStrike will be held liable under a
GDPR regulation related to the impact of security incidents on user data. The regulation is best known in relation to
data leaks but also applies to
data destruction. It is unclear whether temporary loss of access to data is enough to trigger liability, or whether GDPR applies to all incidents related to security or only unauthorised access. Further, the incident could be classed as a "personal data breach" which would be a data breach of the GDPR under Article 4, "Definitions", paragraph 12. On 19 July 2024, a data-protection expert reported a breach of Article 32, "Security of processing".
Air transport at
Dulles International Airport displaying a blue screen of death during the incident Globally, 5,078 air flights, 4.6% of those scheduled that day, were cancelled.
Oceania Australian airlines
Qantas,
Virgin Australia, and
Jetstar were affected. A
Sydney Airport spokesperson said that the outage had affected some operations and that "there may be some delays throughout the evening".
Melbourne Airport saw check-in procedures disrupted; officials advised passengers to consult with their airlines. The
Adelaide,
Brisbane,
Canberra,
Darwin,
Hobart,
Launceston, and
Perth airports were also affected. In New Zealand,
Christchurch Airport also had problems.
Asia , Indonesia, after the airline's check-in system was disrupted.
Hong Kong International Airport experienced delays during check-in, primarily for passengers of the local budget carrier
Hong Kong Express, whose staff members used handwritten signs to direct passengers to check-in counters. The
Hong Kong Airport Authority activated an emergency response after airline websites and automatic
check-in malfunctioned. The booking systems of local airlines
Cathay Pacific, Hong Kong Express, and
Hong Kong Airlines were unavailable. HKExpress cancelled some flights on 20 July.
Jeju Air Some of the self-check-in kiosks in
Singapore Changi Airport were affected, delaying and forcing airlines to switch to manual check-in, and
Singapore Airlines and
Scoot reported service difficulties on 19 July.
Cebu Pacific and
Philippines AirAsia flights were delayed. Long queues formed at
Ninoy Aquino International Airport. In
Taiwan, airline system disruptions were reported at
Taoyuan International Airport. In Indonesia, disruptions were reported for the check-in systems of
AirAsia and
Citilink. In Thailand,
Thai AirAsia's reservation and check-in systems were affected. In India, the outage affected
Indigo Airlines,
Akasa Air,
SpiceJet, and
Vistara. Handwritten boarding passes were issued throughout the outage. The
Ministry of Civil Aviation ordered airlines and airports to be compassionate and provide food and seating to waiting customers as needed. At 18:14
IST (12:44 UTC), over 200 Indian flights had been cancelled;
IndiGo alone had cancelled 192. Airlines that relied on Microsoft Azure for their services were affected.
Air India and SpiceJet stated that none of its flights were cancelled due to the outage, attributing it to their robust cyber system. However, minute delays were reported.
Europe Prague Airport in Czechia,
Budapest Airport in Slovakia, and
Schiphol Airport in the Netherlands experienced problems. Planes were barred from landing at
Zurich Airport.
ENAIRE's Aena, the Spanish national airport traffic control manager, mentioned an IT outage on their website and social media. All Spanish airports reported disruptions.
Charles de Gaulle Airport and
Orly Airport experienced check-in problems and suspended flights.
Poznań–Ławica Airport and
Warsaw Chopin Airport experienced check-in disruptions. An emergency system was activated, and check-in processes were slower.
Berlin Brandenburg Airport announced that since around 07:00 (UTC+2), operational processes had been affected by "IT problems at an external provider", and that they planned to stop flights until 08:00 UTC. While passenger handling continued with some restrictions, there were delays and airlines cancelled some flights. Several airlines (
Eurowings,
Ryanair,
Vueling, and
Turkish Airlines) in
Hamburg Airport had to issue tickets by hand. Croatian and Swedish air traffic control were also disrupted.
Swiss International Air Lines had 30% of flights grounded.
Lufthansa in Germany experienced problems with the "profile and booking retrieval" features of their website. Ryanair's booking and check-in services were unavailable and the airline was "forced to cancel a small number of flights", advising passengers to arrive at airports at least three hours before departure.
Wizz Air said the outage put its online services offline. Dutch airline
KLM suspended most operations, announcing that flight handling was impossible with the issue, and
Transavia Airlines experienced problems.
Finnair reported that they were having trouble sending emails and SMS messages to customers. In Greece, citizens and tourists saw delays at major airports, notably at
Athens International Airport and at
Heraklion International Airport. This disruption, occurring at the peak of the tourist season, resulted in chaotic scenes as passengers were forced to wait for hours for their flights. Contributing factors included severe staff shortages and new schedules. In Heraklion, eight flights were problematic. The airport's chief, George Pliakas, indicated that flights were being manually arranged to manage the disruption, but the influx of arriving flights strained the system. Several UK airports had problems, including
Edinburgh Airport, whose departure boards froze, and
Gatwick Airport, where automatic barcode scanning stopped working and tickets had to be checked manually. Disruption to flights was anticipated in the
Isle of Man, particularly to and from the UK, but ultimately minimal.
Middle East and North Africa Tunisia experienced temporary airport disruptions. Turkish Airlines cancelled some of its flights due to the outage.
North America in Idaho during the incident In the mid-morning of Friday, July 19, a
ground stop was issued by
United,
Delta, and
American Airlines, halting takeoffs but allowing aircraft aloft to reach their destinations.
Allegiant Air was also grounded by the outage. Around 10:30 a.m. Eastern time, AP reported that about 1,500 flights had already been cancelled in the United States due to the outage. American Airlines, United, and Allegiant recovered relatively quickly after Friday. However, Delta, the most affected of the
US major airlines, experienced an operational meltdown that continued through the weekend. The airline cancelled more than 1,200 flights on Friday. Thousands of stranded travellers were forced to spend the night at
Hartsfield–Jackson Atlanta International Airport, Delta's largest hub and the
busiest airport in the world by passenger traffic. One traveller attempting to return home to Tampa (after giving up on reaching California) reported that
Amtrak was charging $1,000 for a one-way train ticket from Atlanta to Tampa. Visibly distraught passengers with nowhere to go were seen trying to sleep in the airport on hard linoleum floors without blankets or food. This imposed hardship on parents who had been counting on that service to enable their children to fly without the expense of an accompanying adult. and more than 1,300 flights on 21 July. With so many passengers still stuck in Hartsfield–Jackson after two consecutive nights, the airport implemented a "concessions crisis plan" and a plan to reunite passengers with their checked baggage. On 21 July, Delta CEO
Ed Bastian apologised to customers in a statement and revealed that the outage had left one of Delta's crew-tracking software programs "unable to effectively process the unprecedented number of changes triggered by the system shutdown". Delta CIO Rahul Samant said the program had been brought back online around 11 a.m. on 19 July, but was overwhelmed by the backlog of updates awaiting processing and had been trying to catch up ever since. He told a press conference, "There's a lot of things I'm very concerned about, including people being on hold for hours and hours, trying to get a new flight, people having to sleep on airport floors, even accounts of unaccompanied minors being stranded in airports, unable to get on a flight". He told
CBS News: "Stories about people in lines of more than a hundred people with just one customer service agent serving them at an airport, that's completely unacceptable." By then, numerous passengers had ended up in different airports than their baggage because of Delta's flight cancellations, resulting in large piles of unclaimed suitcases and other checked baggage at Delta's airport terminals around the world. On 25 July, Delta returned to normal flight operations, having cancelled more than 7,000 flights; passengers had filed more than 5,000 complaints about Delta with the Department of Transportation. On 26 July,
The Washington Post reported that the department was investigating allegedly misleading communications from Delta that offered only credit towards future Delta flights as compensation for cancelled flights and failed to clearly notify passengers of their legal right to a cash refund. On 8 August, Delta confirmed in a filing with the
US Securities and Exchange Commission that over 7,000 flights had been cancelled over five days, and estimated its losses at $380 million in lost revenue and $170 million in expenses (adding up to about $550 million). Delta also estimated that around 1.3 million passengers had been affected by the flight cancellations.
United Airlines' smaller number of cancellations had a significant impact on its hubs. For example,
San Mateo County hotels around
San Francisco International Airport rapidly filled up with travellers on 19 July. Guests reported difficulty with checking into the local Marriott hotel because
Marriott International was also recovering from the outage. The flight delays meant that many people who had travelled to the
2024 Republican National Convention—which concluded the day the outages started—were stuck in the convention's host city of
Milwaukee, Wisconsin.
Montréal–Trudeau International Airport and
Toronto Pearson International Airport were affected in Canada, and
Porter Airlines cancelled all flights.
Vancouver International Airport was also reportedly affected in Canada, although it was unclear whether this was directly related to the global outages.
Finance affected by service disruption from the incident in India Microsoft and CrowdStrike stocks fell as a result of the outage. CrowdStrike's stock fell more than 11% on 19 July, although Microsoft stock was down less than 1%.
RBC,
Scotiabank, and
TD Bank in Canada;
Capitec Bank and other South African banks; and several banks in the Philippines, including
RCBC,
Metrobank,
LandBank,
BDO,
UnionBank,
BPI, and
PNB. E-wallets such as
Maya and
GCash also experienced problems in the Philippines. The website and mobile banking application of
DenizBank in Turkey could not be accessed.
Visa was affected. few banks use CrowdStrike tools and many banks' critical systems do not run on the cloud.
NSE,
BSE, In Brazil,
Bradesco Bank confirmed it was affected. During the morning customers were able to log in to their accounts, but at 12:00 UTC the bank disabled the login button. New Zealand banks
ASB and
Kiwibank were affected, while Australian banks
Westpac In Finland,
OP Financial Group reported minor disruptions on investment partner and stock savings accounts.
Sense Bank in Ukraine experienced outages due to the update. Paraguayan banks and were affected; their customers were unable to log in.
Government The United States
Department of Homeland Security,
NASA,
Federal Trade Commission,
National Nuclear Security Administration,
Department of Justice, and
Department of Education were affected, and the
Department of the Treasury and
Department of State reported minor disruptions. The
Department of Veterans Affairs and
Department of Energy experienced disruptions, but it is not currently known if they are related to the incident.
DMV agencies for the states of Georgia, Kansas, Missouri, North Carolina, Tennessee, and the District of Columbia were affected.
Ted Wheeler, the mayor of
Portland, Oregon, declared the outages to be a city emergency. Election and voting registration databases in Arizona, South Dakota, Texas and the state of Washington were affected. The website for the city of
Sioux Falls, South Dakota, went down. In the United States, there were outages in
911 service or disruptions in 911 call centres' operation in some parts of Alaska, Arizona, Florida, Iowa, Indiana, Kansas, Maryland, Michigan, Minnesota, New York, Ohio, Oregon, Pennsylvania, and Virginia. In addition, Alaska experienced issues with non-emergency call centres. However, several
state courts reported problems with their computer systems, including courts in Alaska, California, Delaware, Idaho, Kansas, Maryland, Massachusetts, Michigan, Nevada, New York, and Pennsylvania. In Canada, services in Toronto were affected,
New Zealand Parliament had problems. The
fire department in Copenhagen, Denmark, was unable to receive automatic fire alerts from buildings.
Ground transport Traffic disruptions were reported at the
US–Canada border, The
Canada Border Services Agency blamed a partial outage of its telephone reporting system which was later resolved. The
Washington Metro Area Transit Authority suffered minor service delays in the early morning in America; their website/live tracking was unavailable until around 9:30 am on 19 July. The
Massachusetts Bay Transportation Authority in Boston, as well as the
Metropolitan Transportation Authority in New York, lost vehicle tracking and arrival notices for passengers. Most North American freight and passenger train operators went largely unaffected aside from some technical issues within
Union Pacific and
Canadian Pacific Kansas City. Amtrak was mostly unaffected aside from issues with credit card processing during the morning. Malaysia's railway operator,
Keretapi Tanah Melayu, confirmed that its KITS ticketing system was experiencing technical issues.
Transport for Ireland said its apps were down due to the outage. Ireland's
Road Safety Authority said it was experiencing "significant disruption" to its
National Car Test (NCT) centres. In
Singapore, the entrance and exit gantries of over 185 car parks managed by the
Housing and Development Board (HDB) were affected. Fuel stations were also affected in Australia, with people stuck at fuel pumps unable to pay for petrol because payment systems were not working. Australian freight train operator
Aurizon was affected. Cab riders in London could not pay with credit or with debit cards and thus required cash. and Belgium, tickets for public transport could not be sold, and
Keolis Nederland experienced issues. Some affected hospitals, while remaining open, had limited, if any, access to patient records. In the United States,
Memorial Sloan Kettering Cancer Center postponed all procedures that required
anaesthesia, the
Mass General Brigham hospital system cancelled all non-emergency procedures and medical visits, and the
Cincinnati Children's Hospital Medical Center was also affected. and
Quest Diagnostics were affected by the outage.
Kaiser San Jose Medical Center lost access to patient records, as well as systems that monitored newborn babies' vital signs, and the security systems to keep babies from being taken. England's
National Health Service (NHS) said that the issues are "causing disruption in the majority of [English] GP practices", The
London Ambulance Service experienced an unprecedented surge Two-thirds of Northern Ireland's general practices (GPs) were affected. At hospitals radiation therapy, bookings for operating theatres, and staff rosters are also affected. in Portugal reported problems, while the
Catholic Health system in New York experienced outages that caused delays in services. Systems in
Wesley Hospital and
St Andrews Hospital in Brisbane, Australia, were affected. In Israel,
Magen David Adom and its emergency service hotline was affected. Hospitals including
Sheba Medical Center,
Rambam Hospital and
Laniado Hospital experienced problems that led to longer waiting times and delayed surgeries.
Media and communications Numerous American TV stations were unable to broadcast because of the global outage.
KSHB-TV, one of the affected stations, had to resort to airing national news via
Scripps News. ESPN and ESPN2 later simulcasted
Get Up! and
First Take in place of
SportsCenter, albeit without
on-air graphics or
B-roll. Various
Paramount channels were also affected including
Nick Jr.,
Nicktoons,
TeenNick,
NickMusic,
BET Her, and most channels on the
Pluto TV service. The then-new
MeTV Toons channel was sent off the air for five and a half hours.
Mercedes AMG PETRONAS F1 Team (which is sponsored by CrowdStrike) also suffered issues on the Friday of the
Hungarian Grand Prix, with a Mercedes spokesperson confirming that the team had to manually address the problem on every computer it used. The issue also affected their engine customers,
McLaren,
Aston Martin and
Williams. Many video screens in New York City's
Times Square turned off. When some Chinese companies let their employees go home early as a result of the incident, the topic "Thank you Microsoft for an early vacation" momentarily became
Weibo's most popular term.
Universal Studios Japan announced that they would not be selling tickets via ticket booths over the weekend due to the outage; however, tickets would still be sold online or via designated ticket sales sites. Telephone communication with the urban services in
Antwerp were also affected. The Centre for Cybersecurity Belgium stated that the impact in Belgium was limited. as was the
BBC's
CBBC, a free-to-air children's television channel. The
Canadian Broadcasting Corporation was also affected. Phone and internet service provider
Bouygues Telecom has also announced the unavailability of its customer service as a result of the outage. The operations of the
2024 Summer Olympics, scheduled to start the following week in
Paris, France, were also affected. The outage occurred a day after the
Olympic Village opened and organisers were processing the arrivals of athletes and delegates. The organising committee said that a contingency plan was activated and that only the delivery of uniforms and accreditations were affected. The incident slowed down operations, with the accreditation desk at the press centre closed and security checks done manually using a list of names. IT workers and the
BPO industry were affected in the Philippines. Numerous Singaporean companies, including
SPH Media,
Singtel, and
M1, reported various levels of service difficulties throughout the day on 19 July.
Sim racing service
iRacing was also affected by the outage in America. Various Korean online games, like
Black Desert Online,
Ragnarok Online, and
Ragnarok Origin, shut down.
Amazon Web Services,
eBay,
Google Cloud,
Instagram, and
Plenty of Fish were also affected. Customers experienced payment problems at
Foodstuffs and
Woolworths supermarkets in New Zealand. Self-checkout and online order systems at some Australian retailers and fast food chains were out of service. In the United States, sporting goods retailer
Dick's Sporting Goods closed some of its stores and saw temporary outages to its website.
Convenience store chain
7-Eleven experienced problems at
Speedway locations that still used
BlueCube and
Radiant Site Manager dating from the days Speedway was owned by
Marathon Petroleum Corporation, with some stores unable to accept credit or debit transactions while others were closed outright. In Norway, the pharmacy chain
Apotek1 and the insurance company
Tryg suspended services; the
Vitusapotek and
Boots pharmacy chains were also affected. Norway experienced little further impact because of CrowdStrike's limited market share in the country.
Amazon saw disruption to its warehouse operations and internal software. An app used in Amazon warehouses to manage schedules and time-off requests called 'A to Z' was taken down by the outage and an internal service called 'Anytime Pay' became unavailable to employees. Operations were briefly halted at some sites, while Amazon's trucking operations were disrupted, with drivers saying a platform they use called 'Relay' suffered issues, meaning they were briefly unable to pick up loads at warehouses.
Other sectors The outage affected terminal operations at
DCT Gdańsk, a major container hub in the Baltic port of
Gdańsk in Poland. Shipping ports in the US were unaffected for the most part, although the
Port of Houston (which handles the most foreign tonnage) closed briefly. In Sweden, the
Malmberget mine was evacuated as a precaution. Tickets for soccer games could not be sold. In the United States, security provider
ADT was affected. ==Response==