A global IT outage is affecting several U.S. hospitals and health systems.
An update released by cybersecurity firm CrowdStrike has caused a cascading effect on global IT systems resulting in outages across various industries, including healthcare, banking and airlines, CNBC reported July 19.
What is CrowdStrike and what happened?
CrowdStrike creates software designed to detect and prevent cyberattacks. Its products are utilized by numerous Fortune 500 companies. According to CNBC, on July 19, people worldwide started encountering what is commonly referred to as the "blue screen of death." This error, commonly seen on PCs when they overheat or encounter a critical issue, was triggered by a recent update from CrowdStrike for its Falcon product.
Falcon, a platform developed to prevent breaches through cloud technology, is central to the company's focus on endpoint security. This software also requires extensive access to a computer's operating system to scan for threats. The update issued July 19 caused machines running Microsoft's Windows operating system to crash due to a compatibility fault.
Also on July 19, CrowdStrike said it is in the process of rolling back the update globally.
Who is affected?
The CrowdStrike issue has disrupted many U.S. hospitals and health systems.
Somerville, Mass.-based Mass General Brigham wrote on its Facebook page July 19 that the outage has caused the system to cancel all previously scheduled nonurgent surgeries, procedures and medical visits.
Meanwhile, Upstate University Hospital in Syracuse, N.Y., wrote on its website that some of its outpatient services and procedures, including lab appointments at all Upstate locations, as well as surgical procedures at its hospitals, are delayed due to the outage.
The Arizona Republic reported that Banner-University Medical Center in Phoenix seemed to be redirecting ambulances to other facilities due to the outage, with other Banner Health locations in Arizona and beyond also being affected.
The report also said Phoenix-based St. Joseph Hospital and Medical Center acknowledged experiencing system outages, though a telephone operator said she could not offer details about the extent of the issues.
Other healthcare organizations reporting issues due to the CrowdStrike incident include New York City-based Memorial Sloan Kettering Cancer Center; New York City-based Hospital for Special Surgery; Lexington, Ky.-based UK HealthCare; Buffalo, N.Y.-based Kaleida Health; Grand Rapids and Southfield, Mich.-based Corewell Health; Burlington, Mass.-based Tufts Medical Center; Fort Myers, Fla.-based Lee Health; Tacoma, Wash.-based MultiCare; Durham, N.C.-based Duke Health; Boston-based Dana-Farber Cancer Institute; Detroit, Mich.-based Henry Ford Health; Ann Arbor-based Michigan Medicine; Columbus, Ohio-based Nationwide Children's Hospital; Renton, Wash.-based Providence; and Buffalo-based Roswell Park Comprehensive Cancer Center.
In a statement shared with Becker's, Norfolk, VA.-based Sentara Health said it does not use CrowdStrike so its IT systems were not directly impacted. However, the health system said it in the process of evaluating the impact on its third-party providers and partner organizations who do work with this vendor.