A non-malicious global technology outage that began in the early morning of July 19 is continuing to affect many industries and is having varying effects on hospitals and health systems across the country. The outage was caused by a faulty software update issued by the cybersecurity firm CrowdStrike, which is widely used by businesses and government agencies that run on Microsoft computers. 

“CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts,” the organization posted on its website early today. “Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website. We further recommend organizations ensure they’re communicating with CrowdStrike representatives through official channels.” CrowdStrike’s webpage includes more information about the issue and workaround steps organizations can take. The Cybersecurity and Infrastructure Security Agency also posted an alert on the incident. 

In a statement shared with media this afternoon, AHA National Advisor for Cybersecurity and Risk John Riggi said, “The AHA is in close communication with the hospital field and the federal government about the non-malicious global technology outage that occurred early this morning. While we continue to monitor the situation closely, we are hearing from hospitals and health systems that the impact varies widely. Some have experienced little to no impact while others are dealing directly with some disruptions to medical technology, communications and third-party service providers. These disruptions are resulting in some clinical procedure delays, diversions or cancellations. Impact is also being felt indirectly as a result of local emergency call centers being down. Impacted hospitals are working hard to implement manual restoration of systems and the CrowdStrike patch. Affected hospitals have also implemented downtime procedures to ensure that disruptions to patient care are minimized or avoided to the extent possible.”  
 
AHA members received a Cybersecurity Advisory with more details.

Related News Articles

Headline
The Cybersecurity and Infrastructure Security Agency and Food and Drug Administration Jan. 30 released notices warning of vulnerabilities found in the Contec…
Headline
The AHA yesterday released an advisory alerting members that the association and the Health Information Sharing and Analysis Center have identified attempted…
Headline
The ransomware attack last year against UnitedHealth Group subsidiary Change Healthcare exposed data of more than 190 million people — up from previous reports…
Headline
The Cybersecurity and Infrastructure Security Agency and FBI Jan. 22 released an advisory explaining how cyberthreat actors “chained” vulnerabilities —…
Headline
A guide published Jan. 13 by the Cybersecurity and Infrastructure Security Agency, National Security Agency, FBI, Environmental Protection Agency,…
Headline
In the last of this four-part conversation, four leaders from Scripps Health — Chris Van Gorder, president and CEO, Todd Walbridge, senior director of…