On July 19, 2024, the world woke up to a massive IT outage that affected numerous industries across the globe. The culprit? A faulty software update from cybersecurity firm CrowdStrike. As the situation is ever-evolving, we will continue to update this article as new information becomes available.
CrowdStrike, a leading provider of cloud-native cybersecurity solutions, inadvertently pushed out a defective update to its Falcon platform, causing Windows machines running the affected software to crash. This has resulted in widespread disruptions across a number of sectors including airlines, finance, healthcare, and media.
Crowdstrike issued a statement and CrowdStrike CEO George Kurtz alternatively confirmed that the issue stemmed from a "defect found in a single content update for Windows hosts". He emphasized that this was not a security incident or cyberattack and that Mac and Linux systems were unaffected.
The outage had far-reaching consequences:
CrowdStrike has identified the issue and deployed a fix. However, many affected systems require manual intervention to resolve the problem. If your systems are still crashing and unable to stay online to receive the Channel File Changes, the following steps can be used to workaround this issue:
Note: If you use Bitlocker, please ensure you have the recovery key before initiating this process.
Microsoft has also released some recovery tools to expedite the resolution process for IT teams and admins. See more details here.
Be on the lookout for phishing attempts or scams purporting to be Crowdstrike. There have already been a number of impersonating domains registered within the past 24 hours designed to look like Crowdstrike and will likely take advantage of the situation. All communications to CrowdStrike should be addressed to support@crowdstrike.com or a trusted CrowdStrike contact.
In addition to this article, please monitor the following sources for the most up-to-date information:
CrowdStrike customers can get the latest information in the Support Portal and/or through a public remediation guidance page:
Reach out to support@crowdstrike.com if further assistance is needed.
This summary and its contents are intended for general guidance and informational purposes only. This summary is under no circumstances intended to be used or considered as specific insurance or information security advice. This summary is not designed to be comprehensive and it may not apply to your particular facts and circumstances. Consult as needed with your IT Department or professional advisers.
This material does not amend, or otherwise affect, the provisions or coverages of any insurance policy issued by Travelers or Corvus. It is not a representation that coverage does or does not exist for any particular claim or loss under any such policy. Coverage depends on the facts and circumstances involved in the claim or loss, all applicable policy provisions, and any applicable law. Availability of coverage referenced in this document can depend on underwriting qualifications and state regulations.