A widespread Microsoft outage linked to cybersecurity firm Crowdstrike disrupted San Diego County public agencies and flights at the San Diego International Airport Friday.
The website DownDectector, which tracks user-reported internet outages, recorded growing outages in services at Visa, ADT security, FedEx and Amazon, and major U.S. carriers including Delta and United.
The same outage was affecting services locally, including the airport, the city of San Diego, MTS, the San Diego County Sheriff's Department and the San Diego County Superior Court.
Get top local stories in San Diego delivered to you every morning. Sign up for NBC San Diego's News Headlines newsletter.
CrowdStrike CEO George Kurtz posted on social media platform X that the company “is actively working with customers impacted by a defect found in a single content update for Windows hosts.”
He added the incident is not security-related or a cyberattack.
"The issue has been identified, isolated and a fix has been deployed.”
Local
The issue affected Microsoft 365 apps and services, and escalating disruptions continued hours after the technology company said it was gradually fixing it.
Microsoft 365 posted on X that the company was “working on rerouting the impacted traffic to alternate systems to alleviate impact in a more expedient fashion” and that they were “observing a positive trend in service availability.”
Though the problem has been fixed and most computers are back online, the residual effect from the outage could continue through the weekend and even into Monday.
Here's what's been affected in San Diego:
San Diego International Airport
Long lines filled SAN all day on Friday, and airport officials say the impacts could last through the weekend.
The airport had about 73 delays and 15 cancellations by 8 a.m. Friday, affecting nearly every airline, according to the flight tracking website FlightAware. On Thursday, there were about 196 delays in and out of the airport.
Flight delays were expected to continue throughout the day, a SAN spokesperson said.
"Due to a number of flight delays, SAN passengers should check with their airlines before coming to the airport today," the airline said in a post on X.
While the airport didn't point to the global outage as a cause for delays, several airlines across the county reported being affected.
The FAA said the airlines United, Delta and Allegiant had all been grounded. American Airlines lifted its ground stop just after 2 a.m PT, saying they were able to "safely re-establish operations."
FlightAware reports more nearly 1,000 flights canceled and over 12,000 more were delayed across the country.
An earlier ground stop for Frontier Airlines was lifted just after midnight, and the carrier said they had resumed normal operations, for now.
Southwest Airlines and Frontier appeared to be operating normally.
Scripps Health
Scripps Health said they are a CrowdStrike customer, therefore, affected by the outage. They health care company said their patients have not been effected and their electronic health records are available. Areas that were effected have "alternative processes in place to maintain normal operations. However, we are continuing to analyze the impact of this issue."
City of San Diego
The city's call centers were affected by the Crowdstrike outage, although the city said their emergency dispatch services were not impacted.
"Anyone trying to call Public Works Dispatch or Public Utilities may experience delays," the city said.
MTS
San Diego's transit system said there may be delays in scheduled services, as a second hand result of the outage. Many of their employees were experiencing delays at the border, where wait times were being reported more than four hours long.
Border Crossings
People crossing the border Friday morning experienced long wait times as the global tech outage affected U.S. Customs and Border Protection operations. The agency said they are working to mitigate impacts to trade and travel.
"During this time, travelers at air and land ports of entry may experience longer than normal wait times. All CBP applications, including Automated Commercial Environment, CBP One, Simplified Arrival, and the Global Entry Mobile App, are operational. We will continue our work to restore our systems to full capacity and provide updates as they become available," CBP said in a statement.
Wait times reached four hours Friday morning. The average wait time in the standard lane was down to about an hour as of 6 p.m.
San Diego County Sheriff's Department
The sheriff's department said they were affected for about 5 hours and had most of their computers back up and running by 8 a.m. They aimed to have everything running by mid-day.
"We have been working immediately and diligently throughout the night, prioritizing our intake and medical facilities, and we manually processed the arrestees who were in the process of being booked. Everyone is safe," the department said in a statement.
San Diego County Superior Court
The Superior Court said they were affected by the outage and prioritized repairing operations in the courtrooms.
"If you have a court date this morning, please report to the courtroom as scheduled," the court said in a statement. "If you were permitted to and planned to appear remotely, you may do so, however, you may need to wait in the Microsoft Teams 'lobby' if that courtroom has not yet been repaired. We hope that all courtrooms will be operational later this morning.
The court said their online application systems and telephones were operational.
Social Security Administration
All offices were closed, including in San Diego, due to the outage. The SSA was still helping users by phone.
California Benefits
CalFresh and other benefit assistance programs were affecting some functions of the BenefitsCal.com website. The messaging system, appointments, verification of benefits and more were affected, the agency said.
This story will be updated with the latest developments.
What is Crowdstrike Falcon?
Founded in 2011, the Texas-based Crowdstrike is a cloud-based cybersecurity platform used by a major share of the global tech market. More than half of Fortune 500 companies use their software known as Falcon to keep their systems safe from malware and cyberattacks, according to Crowdstrike.
How does Crowdstrike work?
Falcon provides what's known as "endpoint detection response" capabilities. That means if Falcon detects a threat, it has the ability to stop itself instead of just alerting a company.
"Falcon Prevent can stop execution of malicious code, block zero-day exploits, kill processes and contain command and control callbacks," the company says in its FAQs.
In order to do this, the software must have broad privileges to run across a computer's internal systems and programs. This web of integration between Falcon and a computer's core software — in this case Microsoft 365 — means if Falcon crashes or malfunctions, it can have a ripple affect within the core system.
What caused the global IT outage on Friday?
CrowdStrike CEO George Kurtz said Friday's outage was not a security incident or cyberattack. Kurtz said there was a defect in a “single content update for Windows hosts.” The issue affected Microsoft 365 apps and services.
Mac and Linux hosts were not affected.
