Microsoft estimates that 8.5 million computers worldwide were disabled by the global IT outage, marking the first time a figure has been provided for the incident. This suggests it could be the worst cyber event in history. The glitch originated from a security company called CrowdStrike, which sent out a corrupted software update to its extensive customer base.
In a blog post, Microsoft, which is assisting customers in recovery, stated: “We currently estimate that CrowdStrike’s update affected 8.5 million Windows devices.” David Weston, vice-president at Microsoft, noted that this number represents less than 1% of all Windows machines globally. However, he emphasized that “the broad economic and societal impacts reflect the use of CrowdStrike by enterprises that run many critical services.”
Microsoft’s performance telemetry, which monitors many devices via their internet connections, allows the company to accurately estimate the number of disabled devices. The tech giant stressed that the incident was not related to its own software and highlighted the importance of quality control checks for updates from companies like CrowdStrike before they are deployed.
Weston added, “It’s also a reminder of how important it is for all of us across the tech ecosystem to prioritize operating with safe deployment and disaster recovery using the mechanisms that exist.”
The fallout from the IT glitch has been enormous, making it one of the worst cyber incidents in history. The figure provided by Microsoft suggests it is likely the largest ever cyber event, surpassing previous significant incidents such as the WannaCry cyber-attack in 2017, which impacted around 300,000 computers in 150 countries, and the NotPetya attack a month later. Additionally, a major six-hour outage at Meta in 2021, which affected Instagram, Facebook, and WhatsApp, was largely contained to the social media giant and some linked partners.