CrowdStrike Apologises For Global IT Outage In House Hearing

The US Congress, Senate, Capitol, US government

Congressional testimony sees CrowdStrike executive publicly apologise for faulty update that caused chaos around the world

A senior executive at cybersecurity firm CrowdStrike has publicly apologised before a Congressional hearing this week for causing the world’s largest IT outage in the summer.

Adam Meyers, senior vice-president for counter-adversary operations at CrowdStrike, made the apology when he testified before the House homeland security cybersecurity and infrastructure protection subcommittee on Tuesday.

A faulty update from Texas-based cybersecurity firm CrowdStrike had triggered the world’s largest ever IT outage on 19 July 2024.

IT outage

The flawed software update disrupted airlines, banks, hospitals, emergency lines and countless business operations around the world.

CrowdStrike’s CEO George Kurtz apologised on multiple occasions when it became clear that a faulty content configuration update for CrowdStrike’s Falcon sensor tool had plunged an estimated 8.5 million Windows computers into a ‘Bue Screen Of Death’ reboot loop.

CrowdStrike’s share price fell 32 percent over the next 12 days, wiping out $25 billion of market value, as the outage’s effects became known.

Delta Air Lines is seeking $500 million in damages for the “unacceptable” outage, and CrowdStrike itself is being sued by its shareholders who allege the firm defrauded them by concealing how its inadequate software testing could cause the global disruption.

Congressional apology

Now over two months after the outage, CrowdStrike’s Adam Meyers was in his testimony, said: “I am here today because, just over two months ago, on July 19, we let our customers down. As part of regular operations, CrowdStrike released a content configuration update for the Windows sensor that resulted in system crashes for many of our customers.”

“On behalf of everyone at CrowdStrike, I want to apologise,” said Meyers. “We are deeply sorry this happened and are determined to prevent it from happening again. We appreciate the incredible round-the-clock efforts of our customers and partners who, working alongside our teams, mobilised immediately to restore systems and bring many back online within hours. I can assure you that we continue to approach this with a great sense of urgency.”

Meyers said the company has undertaken “a full review of our systems” to prevent the cascade of errors from occurring again.

Meyers also pledged that CrowdStrike now pays more attention to the quality of content updates, and uses a phased approach to rollouts of threat-detection updates.

Meyers was in the hotseat before US lawmakers, after CEO George Kurtz had declined the invitation to testify.

George-Kurtz Crowdstrike lead
CrowdStrike CEO George Kurtz
Image credit CrowdStrike