Insurers are now assessing the financial impact of the severe CrowdStrike software glitch from last week, which led to global computer crashes, flight cancellations, and hospital disruptions. The damage is substantial.
Described as the largest IT outage ever, the incident is projected to cost Fortune 500 companies over $5 billion in direct losses, according to an analysis published Wednesday.
These figures highlight how a single automated software update halted significant portions of the global economy, revealing the critical dependence on a leading cybersecurity firm and the challenges involved in recovery.
On the same day, CrowdStrike released a preliminary report detailing the unintentional cause of the widespread IT disruption. This report provides the most comprehensive technical breakdown of the outage so far.
Businesses are struggling to recover, with Delta Air Lines facing ongoing fallout and thousands of canceled flights. The Department of Transportation is investigating the situation.
CrowdStrike’s cybersecurity software, used by many Fortune 500 companies, experienced a major issue when an update to their Falcon software caused millions of Windows computers worldwide to crash due to compatibility problems.
The healthcare and banking sectors suffered the most, with estimated losses of $1.94 billion and $1.15 billion, respectively, according to Parametrix, the firm behind the analysis. Airlines like American and United also experienced significant losses, totaling $860 million.
Overall, the outage could have cost Fortune 500 companies up to $5.4 billion in revenue and gross profit, not including secondary losses such as reduced productivity or reputational damage. Only a small fraction, about 10% to 20%, might be covered by cybersecurity insurance policies.
Fitch Ratings noted that the most likely insurance claims from this outage will be related to business interruption, travel, and event cancellation insurance. They highlighted the growing risk of relying on single points of failure, which may increase as companies consolidate and rely on fewer vendors.
The staggering damage estimates underscore how a preventable error at a major cybersecurity firm has had widespread economic repercussions and may lead to increased scrutiny and calls for accountability for CrowdStrike.
**What Went Wrong**
On Wednesday, CrowdStrike released an initial report detailing its investigation into the incident, which involved a file designed to help its security platform detect malicious hacking attempts on customer devices.
The company typically tests its software updates before releasing them, but on July 19, a bug in CrowdStrike’s cloud-based testing system allowed a problematic update to be distributed. This issue occurred in the validation process that checks new updates before they are released.
The faulty update was pushed out just after midnight Eastern Time on July 19 and was rolled back about an hour and a half later, at 1:27 a.m. Eastern Time. However, by then, millions of computers had already downloaded the problematic update. The issue impacted only Windows devices—excluding Mac and Linux machines—and only those that were on and able to receive updates during those early morning hours.
Due to the timing, organizations in Europe and Asia experienced a more significant impact during their workday compared to those in the Americas, according to Fitch.
When Windows devices running CrowdStrike’s tools tried to access the corrupted file, it triggered an “out-of-bounds memory read” that led to a system crash, known as the Blue Screen of Death. Fixing this issue required manually deleting the faulty file—a slow and tedious process for up to 8.5 million devices.
Microsoft, which was not directly involved in the outage, noted that this figure represents a small fraction of the overall Windows ecosystem but highlights the interconnected nature of the technology landscape.
CrowdStrike reported that its testing and validation system had previously functioned correctly for other releases earlier in the year. The company has committed to preventing similar issues in the future and will release a more detailed analysis once available.
Additionally, CrowdStrike plans to implement a new validation check to prevent problematic updates and adopt a staggered release approach to ensure that updates are not deployed to all users simultaneously, providing customers with more control over the update process.
