Industries worldwide, including financial services, were disrupted early Friday morning thanks to an error in a global cybersecurity vendor’s update.
Major media outlets reported that a global technology outage, blamed on a flawed software update for Microsoft operating systems from cybersecurity giant Crowdstrike, affected industries across the globe, including banking, wealth management, payment processing and numerous other industry verticals, from healthcare to airlines. Only those systems running on Microsoft's operating systems or its cloud services appeared to be affected, however.
A message on the login screen of Schwab Advisor services Friday morning warned that “due to a third-party, global, industry-wide issue, advisors may have difficulty logging in to Schwab Advisor Center, and certain online functionality may be intermittently slow or unavailable.”
The message also warned that data file delivery is delayed and that there may be long phone hold times, suggesting that firms with urgent needs should contact their service or trading teams.
A spokesperson for Orion Advisor Solutions, which is a major provider of many types of technology to advisory firms has worked to ensure that their systems are up and running normally and warned that certain functionality may be intermittently slow, but that the company "is working expeditiously to correct any issues as they arise."
Advisory firms are experiencing issues related to the outage but it remains difficult to ascertain just how widespread those are at this time.
"We're aware of multiple firms having to rely on manual processes for transactions and data management," said Scott Lamont, a managing director for the technology consultancy F2 Strategy.
"Those are slow processes and force the prioritization of critical, market sensitive or financial impacting processes over experience-related ones like client reporting, for example," he said.
It appears that the outage has affected travel worldwide with major airlines and airports reporting ground holds. Many industry sectors from travel to media to healthcare rely on Crowdstrike.
According to Bloomberg, bankers around the world were caught up in the outage, with some unable to log onto their computer systems and others unable to make trades.
Staffers at JPMorgan Chase, Nomura Holdings and Bank of America were unable to log on to their firms’ systems Friday, with many met with a blue error screen.
George Kurtz, the chief executive of CrowdStrike, said the cause had been identified and isolated and was not a security incident or cyberattack, according to reporting by The New York Times. He said a fix had been sent out, but warned it could take some time to implement.
“This incident shows that resiliency is more important than ever in the banking and financial services sector,” said Maureen Doyle-Spare, the head of banking and financial services at global technology consultancy UST.
She said that ensuring the stability and trust of the financial system while safeguarding customer assets and data requires that firms be able to swiftly recover from disruptions and maintain continuous operations. As bad as things were across the country, the incident’s impact on the US financial services market was minimal, she said, thanks mainly to the timing, as it occurred overnight before the US market opened.
“Global IT teams worked diligently through the night to address the situation, and many US firms with delivery centers in India faced minimal disruption as their teams align more closely with US business hours,” Doyle-Spare said, noting that had the timing been different, its impact could have been much more severe, underscoring the renewed importance of resiliency in this sector.
“This event highlights the critical need for firms to re-evaluate and strengthen their resiliency plans to better withstand future disruptions,” she said.
Crowdstrike posted details to its blog this morning, stating that the problems resulted from a "defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack." It provided additional information and technical details, as well as workaround instructions for those being affected.
This is a breaking news story, and we will update it as new information becomes available.