CrowdStrike technology outage causing global disruption across industries, including impacts on hospitals and health systems

A non-malicious global technology outage that began in the early morning of July 19 is continuing to affect many industries and is having varying effects on hospitals and health systems across the country. The outage was caused by a faulty software update issued by the cybersecurity firm CrowdStrike, which is widely used by businesses and government agencies that run on Microsoft computers.

"CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts," the organization posted on its website early today. "Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website. We further recommend organizations ensure they're communicating with CrowdStrike representatives through official channels." CrowdStrike's webpage includes more information about the issue and workaround steps organizations can take. The Cybersecurity and Infrastructure Security Agency also posted an alert on the incident.

In a statement shared with media this afternoon, AHA National Advisor for Cybersecurity and Risk John Riggi said, "The AHA is in close communication with the hospital field and the federal government about the non-malicious global technology outage that occurred early this morning. While we continue to monitor the situation closely, we are hearing from hospitals and health systems that the impact varies widely. Some have experienced little to no impact while others are dealing directly with some disruptions to medical technology, communications and third-party service providers. These disruptions are resulting in some clinical procedure delays, diversions or cancellations. Impact is also being felt indirectly as a result of local emergency call centers being down. Impacted hospitals are working hard to implement manual restoration of systems and the CrowdStrike patch. Affected hospitals have also implemented downtime procedures to ensure that disruptions to patient care are minimized or avoided to the extent possible."

AHA members received a Cybersecurity Advisory with more details.