Services from airlines to healthcare, shipping and finance were coming back online on Friday evening after a mistake in a security software update sparked hours-long global computer systems outages, another incident highlighting the vulnerability of the world's interconnected technologies.
After the outage was resolved, companies were dealing with backlogs of delayed and cancelled flights and medical appointments, missed orders and other issues that could take days to resolve. Businesses also face questions about how to avoid future blackouts triggered by technology meant to safeguard their systems.
A software update by global cybersecurity firm CrowdStrike, one of the largest operators in the industry, triggered systems problems that grounded flights, forced broadcasters off-air and left customers without access to services such as healthcare or banking.
Global shipper FedEx faced major disruptions and some moderators who police content on Meta's Facebook were hit.
CrowdStrike is not a household name, but it is an $83 billion company with more than 20,000 subscribers around the world, including Amazon.com and Microsoft.
CrowdStrike chief executive George Kurtz said on X that a defect was found "in a single content update for Windows hosts" that affected Microsoft customers.
We're deeply sorry for the impact that we've caused to customers, to travellers, to anyone affected by this, including our company
"We're deeply sorry for the impact that we've caused to customers, to travellers, to anyone affected by this, including our company," Kurtz told NBC News.
CrowdStrike has one of the largest shares of the highly competitive cybersecurity market, leading some industry analysts to question whether control over such operationally critical software should remain with just a handful of companies.
The outage also raised concerns that many organisations are not well-prepared to implement contingency plans when a single point of failure such as an IT system, or a piece of software within it, goes down. But these outages will happen again, experts say, until more contingencies are built into networks and organisations introduce better back-ups.
The scale of the outage was massive, but not yet quantifiable because it involved only systems that were running CrowdStrike software, Ann Johnson, who heads Microsoft's security and compliance business, said.
"We have hundreds of engineers right now working directly with CrowdStrike to get customers back online," she said.
"This event is a reminder of how complex and intertwined our global computing systems are and how vulnerable they are," Gil Luria, senior software analyst at DA Davidson, said.
"CrowdStrike and Microsoft will have a lot of work to do to make sure that it won't allow other systems and products to cause this kind of failure in the future," he said.
Travel disruptions
Air travel was immediately hit by the issue because carriers depend on smooth scheduling that, when interrupted, can ripple into lengthy delays.
Around 5,000 of the scheduled commercial flights on Friday were cancelled globally, with more expected, according to aviation analytics firm Cirium.
Delta Air Lines was one of the hardest hit, with 20 per cent of its flights cancelled, according to flight tracking service FlightAware. The U.S. carrier said it expected additional delays and cancellations potentially through the weekend.
Airports from Los Angeles to Singapore, Amsterdam and Berlin said airlines were checking in passengers with handwritten boarding passes, causing delays.
Banks and financial services companies warned customers of disruptions and traders across markets spoke of problems executing transactions. Insurers could face a raft of business interruption claims.
Healthcare providers also reported being impacted by the outages, with booking systems sent offline, while some broadcasters, including Sky News, were forced off-air.
As the day progressed, more companies reported a return to normal service. -Reuters