A global IT outage caused by a rogue software update from US cybersecurity company CrowdStrike on July 19 has left its full impact only now becoming clear, two months later. The update reportedly crippled up to 8.5 million computers running Microsoft systems, causing massive disruptions worldwide.
In the UK, the fallout severely affected GP services, with doctors unable to access vital patient records or make urgent referrals for cancer treatments, leading to delays of up to four days in some cases. Dr. David Wrigley, a GP for 22 years, described the period as one of the most difficult in recent memory. “It was a very difficult time with very little help and support,” he said.
The British Medical Association (BMA) called it “one of the toughest days for GPs across England.” GPs had to revert to pen and paper, with many practices struggling to catch up even after systems were restored. Northern Ireland’s healthcare system faced similar problems, with up to 75% of GPs affected, leading to backlogs and delayed cancer referrals.
The disruption extended beyond the healthcare sector, severely impacting global air travel. Thousands of flights were canceled worldwide, with passengers stranded at airports, left without basic needs like food or medication. Delta Airlines, one of the worst-hit carriers, canceled 7,000 flights and is now facing multiple legal actions. UK families, like Melanie and Alan Cree from Northern Ireland, saw their dream holiday turn into a nightmare due to multiple flight cancellations.
Small businesses also felt the brunt of the outage. Dawn Watts, a sole trader running a cleaning supplies website, estimates losses of £600, while London boutique fitness studio owner Hannah Al-Khaldi saw an estimated £1,000 loss. “When one link in the chain fails, everything goes down,” Al-Khaldi noted.
In response to the growing criticism, CrowdStrike’s senior manager, Adam Meyers, is set to testify before the US Congress to explain what went wrong and outline measures to prevent future incidents. In a statement, CrowdStrike has apologized and committed to learning from the crisis to better serve its customers in the future.
With the ripple effects of the outage still being felt, governments and businesses are reassessing their cybersecurity measures, raising questions about the reliability of key service providers in critical infrastructure.
