2024 CrowdStrike incident

This site has been prepared for wiki purposes. The source is https://en.wikipedia.org/. You visit the wikipedia links on the page at your own responsibility

On 19 July 2024, computer systems around the world experienced an outage that has led to ongoing disruptions across multiple different industries, relating to a faulty CrowdStrike security software up

Cause

The incident involves the blue screens of death for Windows machines that interrupts normal operation with the message: "Recovery: It looks like Windows didn't load correctly."[1] American cybersecurity company CrowdStrike has said that they were the cause of the issues.[2] A driver update relating to their Falcon Sensor security software has been identified as the root cause of the issue.[3]

Remediation

CrowdStrike published a workaround which involves rebooting a Windows computer in safe mode and deleting the culprit driver file[s], "C-00000291*.sys", found in the %windir%\System32\drivers\CrowdStrike directory.[4]

This fix requires technicians to manually go through each affected device.[5][6]

At 09:45 (UTC) the CEO of CrowdStrike wrote on X[7] that a fix had been deployed.[8]

Impact

Outages have been experienced worldwide.[9][1][10] As many IT systems across the world use Windows and the CrowdStrike software, outages were reported across many business sectors.[11] More than 1,000 flights have been cancelled globally,[12] the travel sector in general being the most affected.[13]

Air transport

Hong Kong International Airport has been affected, causing long delays for passengers during check-in. The Hong Kong Airport Authority says the emergency response mechanism has been activated, in response to several airline websites not functioning and check-in requiring manual operation. Local Airlines Cathay Pacific, Hong Kong Express and Hong Kong Airlines have announced their booking systems are unavailable.[14]

The Japanese airline Spring Japan is experiencing issues.[15]

Cebu Pacific and Philippines AirAsia flights are delayed as their systems were experiencing technical issues.[16][17][18] Long queues have been formed at the Ninoy Aquino International Airport due to the outage.[19]

Korean airline Jeju Air is experiencing issues.[15] Europe's largest airline Ryanair reported that booking and check-in were unavailable.[20]

At Singapore's Changi Airport, some self-check-in machines have been affected, causing delays as airlines switch to manual check in.[21]

Czechia's Prague Airport was affected.[22][23]

Issues have been experienced at Budapest Airport.[24]

Planes were not allowed to land at Zurich Airport.[25]

Ryanair flights from Slovakia's Bratislava Airport have been affected.[26]

Wizz Air announced on X that their operations are impacted due to a "global 3rd party service provider incident", and that their online services would be offline for maintenance.[27][28]

Many German entities are experiencing issues including the Berlin Airport,[29] which has stopped flights until 8 (UTC).[30] Lufthansa has also been affected.[31]

Dutch airline KLM is largely suspending operations, announcing that flight handling is impossible until the issue is resolved.[32]

In the United States, a ground stop was issued by United, Delta and American Airlines. Flights in the air will continue flying, but no new flights will take off.[2]

In Brussels at Charleroi Airport, employees had to manually perform check-in causing long queues but issues were partially resolved by around 10:00 with the use of other software and there were minimal flight delays.[33]

In Switzerland, Swiss International Air Lines also experienced difficulties, with 30% of flights being grounded.[34]

Africa

South Africa

Banks in South Africa, including Capitec Bank, have been experiencing issues.[35]

Asia

China

The topic "Thank You Microsoft, Early Holiday" has surged to the top of Weibo's trending list.[citation needed]

Many users have reported encountering blue screens of death on Windows PC, and some companies have let their employees go home early.[36]

India

Outages are being experienced with Air India, Indigo Airlines, Akasa Air, SpiceJet and Vistara. Handwritten boarding passes are being issued during the outage.[37][38][30]

Major IT firms in India such as Oracle, Nokia and many others also face the outage, resulting in thousands of issues raised by employees and devices being stuck in bootloop and unable to recover.[citation needed]

Israel

In Israel, Magen David Adom and its emergency service line, as well as several public hospitals such as Sheba, Laniado, and Rambam were affected. Other affected organizations include Israel Post and several local banks.[39] Many[which?] pharmaceuticals companies are also impacted.[citation needed]

Malaysia

Malaysia's railway operator KTMB confirmed that its KITS ticketing system is experiencing technical issues.[40]

Philippines

IT workers in the Philippines who are using Windows laptops are experiencing the Blue Screen of Death.[41] Major banks, telecommunications, radio and TV broadcasts, and supermarkets are affected due to crashed POS systems.[42]

Banks in the Philippines such us RCBC, Metrobank, LandBank, BDO, UnionBank, BPI, and PNB online systems was down due to the outage.[43][44] E-wallets such us Maya, and GCash were reported also experiencing issues.[45]

Government websites in the Philippines such as the House of Representatives of the Philippines was down due to the outage.[46][clarification needed]

Singapore

Numerous Singaporean companies, including Singapore Airlines, Scoot, Singapore Post, Singapore Exchange (SGX), SPH Media, Singtel, M1, Grab and DBS Bank, reported various levels of service difficulties throughout the day on 19 July.[21][47]

Europe

Belgium

In Belgium, the issue affected the purchase of train tickets and digital announcements in the National Railway Company of Belgium stations, the office laptops of DPG Media Belgium – which impacts JOE and QMusic Radio, banks, post services, government agencies, telephone communication with the urban services in Antwerp.[48][49]

Responses

A spokesperson for the National Railway Company of Belgium said there is no impact to actual train traffic, but to all digital applications. They previously advise passengers to listen to the audio announcements in the various train stations, and if you are unable to buy a ticket to contact the train conductor.

The Centre for Cybersecurity Belgium stated that the impact in Belgium is limited.[49]

FPS Public Health have confirmed that there were two hospitals impacted and have activated their emergency IT plans. They have also stated there is no impact to care, only to new patient admissions.[49]

Croatia

The Central Health Information System of Croatia [hr] was affected, although it was clarified that it was a separate issue tied with moving their servers to a new location[50] as well as the Croatian Air Traffic Control.[51]

France

Several French TV channels affected by the issues include TF1, TFX, LCI and Canal+ Group networks.[52] Systems of the 2024 Paris Olympics have also been affected, a week before the games begin. A contingency plan has been activated.[53][54] Phone and internet service provider Bouygues Telecom has also announced the unavailability of its customer service as a result of the outage.[55] Charles de Gaulle Airport and Orly Airport both also experienced problems related to check in and suspension of flights.[56]

Germany

Two hospitals in Lübeck and Kiel have cancelled non-emergency operations.[15] Supermarket chain Tegut has closed some of its stores.[57]

Ireland

The Irish Times reported that several Irish businesses have been impacted, including Ryanair. Transport for Ireland said its apps were down due to the outage. [58]

Isle of Man

Manx Radio reported that GP surgeries were impacted[59] and that a number of flights to the island could be affected, particularly to and from the United Kingdom.[60] Businesses were reported to be "mostly unaffected".[61]

Netherlands

Businesses operating in the Netherlands experiencing issues include Schiphol airport, KNAB bank, Transavia Airlines, Keolis Nederland, government services and hospitals are starting to cancel operations and scale down medical care.[62][63]

Portugal

Professor Doctor Fernando Fonseca Hospital in Portugal has registered problems.[64]

Slovakia

The National Security Authority spokesman confirmed several institutions in Slovakia have been affected.[65]

Slovenia

The pharmaceutical company Krka is said[66] to have suffered a full outage of production and sent its workforce home.

Spain

ENAIRE's Aena, the national airport traffic control manager, has also made reference to an IT outage in their website and social media.[67]

Sweden

Air traffic was disrupted,[68] tickets for soccer games[69] and public transport could not be sold[70] and the Malmberget mine was evacuated as a precaution.[71]

Turkey

Turkish Airlines cancelled some of its flights to avoid disruptions in flights.[72] The website and mobile banking application of DenizBank, cannot be accessed.[73]

United Kingdom

24 hour news channel Sky News was unable to broadcast live,[74] as well as the BBC's CBBC, a free-to-air children's television channel.[15] Several airports experienced difficulties, including Edinburgh, whose departure boards froze,[75] and Gatwick Airport, where automatic barcode scanning stopped working and had to be checked manually.[15] Rail companies were also affected.[75] The National Health Service (NHS) said that the issues are "causing disruption in the majority of GP practices",[76] with some of its services, such as GP surgeries, which rely on a software product called EMIS Web, unable to view and manage medical records, issue and manage prescriptions, or make appointments.[77] The London Stock Exchange, while operating normally, was unable to push news updates to its website.[15]

Betting and gambling company Ladbrokes Coral and supermarket chain Morrisons also reported problems.[78][79]

Amadeus, which manages baggage at Heathrow, says they have been affected by the IT outage. [80]

Ukraine

Vodafone, Nova Poshta, and Sense Bank experienced outages due to the update. [81]

North America

Canada

The mobile app of TD Canada Trust experienced an outage. Some flights at Vancouver International Airport were affected, although it was unclear whether this was directly related to the global outages.[82] The Canadian Broadcasting Corporation was also impacted.[83]

United States

There are outages in 911 service or disruptions in 911 call centers' operation in some parts of Alaska,[84] Arizona,[85] Florida,[86] Indiana,[87] Kansas,[88] Michigan,[89] Minnesota,[90] New York,[91] Ohio,[92] and Pennsylvania.[93] 911 was down for all of New Hampshire.[94][95] In addition, Alaska is experiencing issues with non-emergency call centres.[95]

Shares have dropped in both Microsoft and CrowdStrike as a result of the outage.[96]

Oceania

Australia

Australian businesses and government agencies have been impacted by the outages, including media companies, airlines, airports, supermarkets, hospitals, universities, law firms, pharmacies, casinos, train networks, petrol stations, stadiums and banks.[22][97] Australian media firms affected by the issues include ABC, SBS, Seven Network and Nine Network.[9]

Airlines affected include Qantas, Virgin Australia and Jetstar.[98][99] A Sydney Airport spokesperson said that the outage had impacted some airline operations and that the airport may experience some delays throughout the evening.[100] Melbourne Airport has also been affected, with website statements underlining the "global technology issue" as impacting check-in procedures, and advising passengers to consult with relative airlines.[1] Canberra Airport was also affected.[22]

Retailers and fast food chains are also hit by the outage, causing self-checkout and online order systems out of service.[101] Fuel stations have also been affected, with people stuck at fuel pumps unable to pay for petrol because payment systems aren't working.[102]

Supermarkets affected include Woolworths and Coles.[22] Banking apps were down which affected banks such as NAB, Westpac, ANZ, Commonwealth Bank, Bendigo Bank and Suncorp.[22] Freight train operator Aurizon was affected.[22] Regional trains in NSW on the Hunter Line and the Southern Highlands Line were cancelled or delayed while regional trains and buses in Victoria were affected through V/Line.[22][97] Systems in some Ramsay Health Care and Uniting Care hospitals have been affected, including Wesley Hospital and St Andrews Hospital in Brisbane.[103] Sunshine Coast Council was one of several councils affected.[22]

Victorians were advised to call 000 if a fire alarm sounds or smoke is detected, as some automatic alarms in buildings may not automatically call fire services.[22]

New Zealand

Businesses operating in New Zealand experiencing issues include ANZ, ASB, Kiwibank and Westpac banks, Woolworths, and Auckland Transport's HOP card. Christchurch Airport is also having problems,[104] as well as Parliament.[30] Customers have also experienced payment issues at Foodstuffs supermarkets.[104]

Response

The Australian government held a national emergency meeting to address the outage. It was declared that the National Coordination Mechanism had been activated, with Prime Minister Anthony Albanese saying "I understand Australians are concerned about the outage that is unfolding globally and affecting a wide range of services. My Government is working closely with the National Cyber Security Coordinator".[104][105] He later said "There is no impact to critical infrastructure, government services or Triple-0 services at this stage. The National Coordination Mechanism has been activated and is meeting now".[106]

The National Crisis Center were evaluating the impact in Belgium and stated there had no reports of significant problems in the security sectors and our critical infrastructure (e.g. power plants or transport sector). They also were informed of the issue impacting two hospitals in Belgium.[49]

Last updated