Public Sectorcritical software failure5 min read

CrowdStrike Outages 2024

Downtime Duration

1 hour

Estimated Costs

£385 Million

Scope

Multi-site

Operational Impact

  • Multiple industries (Airlines, Healthcare, Banking etc) affected
  • Mass Downtime
  • Heavy financial losses for all parties involved

Summary

CrowdStrike is amongst the most prominent cybersecurity providers today. They support countless businesses across all industries, which makes one simple mistake all the more devastating.

Full Analysis

Introduction

In July 2024, Cybersecurity provider CrowdStrike released their latest update at the time. Unknowingly, this update contained a fault that severely affected thousands of Microsoft PC systems used by businesses across the world. Despite CrowdStrike quickly fixing the update, the outages still caused mass disruption. 

Entry Vector (How it Happened) 

On July 19th at 4:09 am, CrowdStrike released a new update for their Falcon software scanning systems primarily used by Microsoft PC systems across the world. It included a modification to Channel File 291, a configuration file that is responsible for screening Named Pipes, a special file that which allows computers to run processes to share data across networks. Unfortunately, the update was faulty as it contained a logic error (Crowdstrike.com, 2024A) that caused the Falcon software to produce incorrect or unexpected results when scanning files, causing Windows systems to crash and reboot repeatedly (Sharwood, 2024). The main infrastructure affected were Windows 10 and 11 systems that would keep looping or eventually enter a ‘safe mode’ that freezes most of a computer’s operating system until it’s problems can be diagnosed and fixed (Baran, 2024). 

This was only made worse by the fact that anyone who subscribed to CrowdStrike’s systems couldn’t delay the faulty update, which was automatically installed so quickly many users had no idea what the issue was until it was too late, leading many Windows PC systems to crash. (Speed, 2024).    

Recovery  

CrowdStrike quickly reverted the update at 7:15am just over an hour after it was implemented (Crowdstrike.com, 2024A), which allowed some systems to be restored.   

At 9:15am, CrowdStrike CEO George Kurtz tweeted an official response to the outage, reassuring that the issues with the new update had been fixed and that the outage was not the result of a cyberattack: 

CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website. We further recommend organizations ensure they’re communicating with CrowdStrike representatives through official channels. Our team is fully mobilized to ensure the security and stability of CrowdStrike customers.” (Kurtz, 2024). 

CrowdStrike however did warn that hackers could use the outage to defraud customers by posing as CrowdStrike officials looking to ‘fix’ any issues they might have (news.sky.com, 2024). By 9:00pm Kurtz announced on the CrowdStrike website that 99% of all windows servers were back online (Crowdstrike.com, 2024A). 

Impact 

To say that CrowdStrike’s faulty update had a severe impact would be an understatement; the update caused mass disruption across the world as many industrial systems utilise Microsoft’s technology, which utilises CrowdStrike’s system for organisation and cybersecurity. This included airports, banking, and healthcare, and government services (Fraser, 2024) (Dunstan, 2024). It would take a monumental task to discuss every business affected and how, so below are some of the most significant examples.

Healthcare 

Since healthcare has heavily digitalised in the 21st century, they were hit hard by the CrowdStrike update. IT systems for health records, diagnostics and scheduling were inaccessible (Chou, 2025). In the US alone around 750 hospitals experienced significant downtime, according to study estimates (Greenburg, 2025).  Thankfully, despite heavy financial losses and 8647 cases of instances of “The Blue Screen of Death” (BSOD), many workers were able to continue operations with minimal disruption thanks to response plans. (Dennis etc, 2025). 

Banking 

The outage caused many banks and their customers to suffer disruptions because of the outage affecting online services, apps, internal systems and even ATMs (Nadeau, 2024). These effects were felt globally in areas such as Australia (Burgess etc, 2024), Singapore (Cheah etc, 2024), Brazil and more (Reuters, 2024). This led to numerous issues, such as websites being unable to be updated, to customers being unable to login to their accounts.   

Air Travel 

Like banking systems, the outage disrupted air travel across the world, affecting both airline companies and airports, with up to 5000 flights being cancelled (bbc.com, 2024). Many airports in countries such as Hong Kong (thestandard.com.hk, 2024), Germany (tagesschau.de, 2024), and India (economictimes.indiatimes.com, 2024) were reported as having to resort to manual, pen and paper check-ins and handwritten signs to direct passengers as delays became common.   

Arguably and notably the most affected airline was the US based Air Delta. Unlike other airline companies, that were able to return to normal by July 22nd, they struggled to halt the disruption to their services. This was blamed on a lack of secure contingency plans for an event such as this (Patch, 2025) and forgoing personal cybersecurity experience in favour of third parties that left them unfamiliar with their own systems (Nasir, 2025).  Delta was forced to cancel up to 6200 of their flights, leaving many customers dissatisfied after being forced to change or cancel travel plans, feeling as if they had been left stranded and undercompensated (Isidore, Timm-Garcia and Rosales, 2024).  

The US Transportation Department launched an investigation into Delta’s handling of the crisis, citing that they aim to “ensure the airline is following the law and taking care of its passengers during continued widespread disruptions … Our department will leverage the full extent of our investigative and enforcement power to ensure the rights of Delta’s passengers are upheld.”, Delta Airlines later stated that they would be fully cooperating with the investigation (theguardian.com, 2024)  

Financial 

Since CrowdStrike manages cybersecurity for more than half of the companies on both the Fortune 500 and 1000 (Singh, 2024), they all incurred massive losses up to $5.4bn due to the disruption caused by their tech unexpectedly crashing. This included companies in tech, airlines, healthcare and banking (Jones, 2024). Whilst the top 500 of these companies are covered by insurance, only $540m to $1.08bn of these losses would be insured, according to insurance firm Parametrix (McMahon, Fraser & Sherman, 2024). 

Legal  

According to the European Union’s General Data Protection Regulation (GDPR), CrowdStrike may have violated one of its regulations due to potential security leaks caused by the outage that may have led to data leaks and destruction, which can lead to fines of up to 4% of a company’s global revenue. However, it’s unclear whether a data breach has occurred at all that CrowdStrike was directly responsible for, especially as a third-party supplier (Stokel-Walker, 2024). 

In terms of liability, CrowdStrike’s terms and conditions state that customers can claim a refund if their services are not satisfactory (Shamsian, 2024). Since CrowdStrike moved quickly solve the faults within the bad update and help their customer base, its likely they won’t face many consequences as they could make the argument that they never intended or attempted to defraud anyone. 

In December 2024, Delta Airlines sued CrowdStrike, citing gross negligence and poor business practices, demanding $500m to cover cancelled flights as well as customer refunds and accommodation. CrowdStrike countersued Delta, claiming that they never breached their contract with Delta and that they never intended to defraud the company (Novet and Josephs, 2024). Furthermore, CrowdStrike also cited Delta’s refusal to accept additional help from their company for recovery, as well as their own negligent practices and systems leading to delta passengers suffering more losses and delays compared to other airlines, even to the point that Delta was investigated by the Department of Transportation for their handling of the crisis (Goswami, 2024).  

As of May 2025, an Atlanta Judge ruled that Delta Airlines could proceed in their lawsuit, allowing them to make their claims in court (McGladrey, 2025). In 2026, an Austin judge ultimately ruled in favour of CrowdStrike, concluding that the company had indeed no intentions of defrauding any shareholders, including Delta (Stempel, 2026). 

The Seamless Solution 

This is a unique yet detrimental situation; Since the mass outages were caused by a dodgy update rather than a virus sent out by hackers the main solution seems rather simple. The best advice could be seen as every company affected simply having a full backup of operating systems prepared in the event of a new update turning out to be bad.   

However, the reason the virus became so widespread was because it was an automatic update containing an overlooked error. Therefore, the best option would be for CrowdStrike to properly test their update in a secure environment to check for any bugs before issuing it worldwide. Likewise having a user option to manually update operating systems, whilst slightly inconvenient, could have prevented the faulty update from being as widespread as it was. CrowdStrike should still be commended for their swiftness in solving the issue and offering help to affected customers. 

Conclusion 

Despite being able to quickly resolve the issue as well as efficiently and consistently mobilise to assist their customers during this time, CrowdStrike should never underestimate the dangers of a simple coding bug. One small mistake is all it takes to cause issues that has wide fetching consequences. 

Sources 

  • Bbc.com (2024): Global IT chaos persists as CrowdStrike boss admits outage could take time to fix. Live reporting news articles published by bbc.com: https://www.bbc.com/news/live/cnk4jdwp49et 
  • Dennis, C; Evans, C.S; Duckworth, K; Skinner, M.M; Hanna, J; Thompson, T; Herring, D; Medford, R.J (2025): Resilience in the Face of Disruption: Viewpoint on the CrowdStrike Incident in July 2024. Academic article published by National Library of Medicine: https://pmc.ncbi.nlm.nih.gov/articles/PMC12404578/ 
  • Economictimes.indiatimes.com (2024): Microsoft tech glitch: Airlines across globe affected, IndiGo, SpiceJet & Akasa say ops impacted at Mumbai, Delhi airports. Online News Article published by Economictimes.indiatimes.com: https://economictimes.indiatimes.com/nri/visit/microsoft-tech-glitch-aviation-cos-across-globe-affected-check-in-systems-impacted-at-mumbai-delhi-airports/articleshow/111855229 
  • Greenburg, A (2025): At Least 750 US Hospitals Faced Disruptions During Last Year’s CrowdStrike Outage, Study Finds. Online Article published by wired.com: https://www.wired.com/story/at-least-750-us-hospitals-faced-disruptions-during-last-years-crowdstrike-outage-study-finds/ 
  • Isidore, C; Timm-Garcia, J; and Rosales, I (2024): Delta passengers are angry, but will be back. They have little choice. Online News Article published by cnn.com: https://edition.cnn.com/2024/07/28/business/delta-passengers-meltdown  
  • Kurtz, G (2024): Twitter/X Statement on CrowdStrike Outage: https://x.com/George_Kurtz/status/1814235001745027317  
  • McGladrey, K (2025): Delta v. CrowdStrike: When Vendor Failures Meet Legal Accountability. Online news article published by LinkedIn.com: https://www.linkedin.com/pulse/delta-v-crowdstrike-when-vendor-failures-meet-legal-kayne-mcgladrey-rv19c/ 
  • McMahon, Fraser & Sherman, (2024): CrowdStrike backlash over $10 apology voucher. Online news article published by bbc.com: https://www.bbc.co.uk/news/articles/ce58p0048r0o 
  • Nadeau, J (2024): Recent CrowdStrike outage: What you should know. Online news article published by ibm.com: https://www.ibm.com/think/news/recent-crowdstrike-outage-what-you-should-know? 
  • Nasir, M. (2025): Impact of CrowdStrike outage on Delta Airlines [Poster presentation]. Academic article Published by Lynn University Student Research Symposium, Boca Raton, FL, United States: https://spiral.lynn.edu/studentpubs/178/#:~:text=CrowdStrike%20outage%20in%20July%202024,Air%20Lines%20INC%2C%202023). 
  • Novet, J; and Josephs, L (2024): Delta, CrowdStrike sue each other over widespread IT outage that caused thousands of cancellations. Online News Article published by cnbc.com: https://www.cnbc.com/2024/10/25/delta-suit-against-crowdstrike-after-it-outage-caused-cancellations.html   
  • Patch, J (2025): Delta’s Meltdown Wasn’t Just a Tech Failure. It Was a Boardroom Failure. Online Blog published by theopinionpages.com: https://theopinionpages.com/2025/07/deltas-meltdown-wasnt-just-a-tech-failure-it-was-a-boardroom-failure/ 
  • Shamsian, J (2024): CrowdStrike’s terms and conditions say most customers would just get a refund due to the massive outage, cybersecurity lawyer says. Online news article published by businessinsider.com: https://www.businessinsider.com/crowdstrike-terms-conditions-limits-damages-to-refund-2024-7 
  • Speed, R (2024): Administrators have update lessons to learn from the CrowdStrike outage. Online news article published by theregister.com: https://www.theregister.com/2024/07/23/crowdstrike_lessons_to_learn/ 
  • Stempel, J (2026): CrowdStrike defeats shareholder lawsuit over huge software outage. Online news article published by Reuters.com: https://www.reuters.com/legal/government/crowdstrike-defeats-shareholder-lawsuit-over-huge-software-outage-2026-01-14/ 
  • Stokel-Walker, C (2024): CrowdStrike could have a European-size data problem on its hands. Online news article published by fastcompany.com: https://www.fastcompany.com/91160759/crowdstrike-data-gdpr   
  • Theguardian.com (2024): US opens investigation into Delta after airline cancels thousands of flights. Online News Article published by Theguardian.com: https://www.theguardian.com/technology/article/2024/jul/23/delta-investigation-crowdstrike-flight-cancellations 
  • thestandard.com.hk (2024): Microsoft system global outage affects HK Express and Cathay Pacific, switching to manual check-ins. Online News Article Published by Thestandard.com.hk: https://www.thestandard.com.hk/news/article/218559/  

See the Recovery Orchestration Engine in action.

Tour the solution story built for investors and acquirers.

No lock-inIntegrates with your existing stackEnterprise ready