Shares of CrowdStrike plummeted as the widely used U.S. cybersecurity company raced to undo the damage from a failed software update that caused a worldwide IT outage, disrupting major airlines, banks and other businesses. Crowdstrike shares were down as much as 20% in premarket trading though they partially recovered later in the day and, as of mid-afternoon ET, were down around 9%. Wedbush senior equity analyst Dan Ives called the outage a “black-eye moment” for CrowdStrike, which serves hundreds of Fortune 500 companies.
“Today CrowdStrike becomes a household name but not in a good way,” Ives said in a note to investors.
Flights in airports across the world were grounded, leading to widespread cancellations and delays, with the Dutch arm of Air France-KLM suspending operations. Mass General Brigham, a nonprofit that operates one of the largest hospital systems in Massachusetts, canceled all non-urgent visits to its hospitals and clinics. British television channel Sky News was temporarily unable to broadcast.
🚨GLOBAL IT OUTAGE
— Anonymous TV 🇺🇦 (@YourAnonTV) July 19, 2024
- Caused by cybersecurity firm CrowdStrike
- Faulty update crashes Windows
- Affecting companies and organizations
- PCs show 'Blue Screen of Death'
- Banks, airlines, media also impacted
- Many PCs require individual fixes pic.twitter.com/vfyXTQxQFm
“It’s a disaster,” Ives said in a television interview with CNBC. “It’s something we’ve never really seen in the cybersecurity industry at this scale. This is a bit unprecedented.”
U.S. stock exchanges were fully operational Friday morning, however, with CrowdStrike shares partially recovering from a premarket low of $270.08. The stock climbed back above the $310 mark Friday morning, down about 9% from Thursday’s close of $343.05. Microsoft shares fell over 3% in premarket trading but quickly surged back around the level of Thursday's close of $440.37 after the market opened.
Unlike cybersecurity firms that apply protection directly to backend server systems, CrowdStrike is a “endpoint security” firm that deploys cloud technology to apply protections to devices that are connected to the internet, per CNBC.
CrowdStrike CEO George Kurtz said a defect found in a single content update for Windows hosts using the company's Falcon platform caused the outage, which is why Mac and Linux users were not impacted.
Today was not a security or cyber incident. Our customers remain fully protected.
— George Kurtz (@George_Kurtz) July 19, 2024
We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption. We are working with all impacted customers to ensure that systems are back up and they can…
Microsoft users across the world woke up to an error message known as the “blue screen of death,” with many computers stuck in a state of continuously restarting.
“This is not a security incident or cyberattack," Kurtz said in a statement on X. "The issue has been identified, isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website.”
Ives said the outage could present an opportunity for CrowdStrike's competitors, but he also cautioned that chief information officers and companies would need to chart a cautious approach as the legal implications of the outage emerge.
As of midday Friday, shares of fellow cybersecurity companies Palo Alto Networks and SentinelOne were up around 2% and 4%, respectively.