Bank customers report tech issues amid CrowdStrike, Microsoft problems

This is a developing story. Please check back here for updates.

Early Friday morning, a buggy software update issued by CrowdStrike began causing some Windows users to boot their computers into the Blue Screen of Death. The problem appears to also be affecting Microsoft Azure, the company’s cloud services offering.

Australian and New Zealand banks reportedly experienced outages to online banking services during the day Friday. Airlines experienced a spike in delays and flight cancellations at the onset of the errors just after midnight East Coast time. NBC News, Sky News, and several Australian broadcasters temporarily stopped broadcasting live content.

The problem seems to have a mixed impact on U.S. banks and the financial services sector. Customers of TD Bank, Bank of America, JPMorgan Chase, Wells Fargo, U.S. Bank and Arvest Bank reported significantly higher volumes of disruptions via Downdetector, a platform where users can report disruptions to digital services across industries.

JPMorgan Chase employees have reportedly had trouble gaining access to their workstations, according to the New York Times. The bank did not immediately respond to a request for comment.

To a lesser extent, Citi customers reported problems on Downdetector — mainly difficulty logging in to their accounts online. However, the bank has experienced no material impact from the outage, and all of the bank’s systems are currently operating on a normal basis, according to a company spokesperson. 

Truist customers also reported issues logging into their mobile apps. But, “branches, care centers, and digital banking services are open to serve clients,” according to a company spokesperson.

TD Bank acknowledged the issue on its website. A banner on the homepage reads, “TD has been impacted by the global technology disruption that has affected organizations around the world. Teams are working hard to restore digital systems. TD customers can visit Stores or ATMs.” A similar message appeared when customers tried logging into online banking.

TD did not respond immediately to a request for comment.

Though some news reports said consumers were having trouble making payments, Visa and Mastercard said they were unaffected. A Visa spokeswoman said the organization’s systems are operating normally, but added, “we are aware of reports of people being unable to make payments and are working with our financial institution clients to understand any impact on their services to cardholders and merchants.” A Mastercard spokesman said, “There is no indication that these issues impacted our systems.”

An American Express spokesperson also reported that the company is processing transactions normally, but added, “due to higher than normal call volumes in some areas, some American Express customers may be experiencing longer-than-usual wait times.”

Discover Financial Services relayed in a statement that it does not use CrowdStrike and was not directly impacted by the outage. The company said it does have third-party vendors who were impacted by the outage, “which resulted in some of our banking features being temporarily unavailable,” the statement continued. “These issues have been resolved.”

Some smaller banks have acknowledged outages due to the CrowdStrike-Microsoft glitch. 

“The global Microsoft/CrowdStrike service interruption is impacting all branches and bank offices, with some branches unable to complete full-service transactions,” reads a banner on the website of Canandaigua National Bank and Trust, a $5 billion institution in Canandaigua, New York. “Our mobile and online banking platforms are all functioning as normal. However there may be delays in transaction processing.” The bank also said its call center is affected, and customers should expect longer wait times.

The Milford Bank, a $598 million-asset institution in Milford, Connecticut, posted its own warning on X, the site formerly known as Twitter: “Attention — Some of our systems have been impacted by the CrowdStrike worldwide computer outage. We are working to restore connectivity as soon as possible.”

Neither Canandaigua nor The Milford immediately responded to a request for comment.

PCBB, the correspondent bank based in Walnut Creek, California, wrote in an email blast early this morning that its systems were impacted by the CrowdStrike outage, and “our teams are working diligently to bring our platforms back online.” It has since reported via email that it is fully operational. 

The American Bankers Association referred American Banker to the Financial Services Information and Analysis Center. Maggie Leung, media relations manager of the Canadian Bankers Association, said in a statement, “Like many other companies, banks in Canada are reviewing the situation based on updates from their technology partners. Canadians can be reassured that our country has a well-protected banking system. Any current impact on banking services would be temporary.”

A spokesperson for the Independent Community Bankers of America said, “We are monitoring the IT outage closely, in coordination with our partners and officials in the financial services sector, to gather additional details and assess the impact on the industry.”

Customer reports of problems accessing their banking accounts and apps may be caused by the sudden popularity of the Downdetector platform amid the disruptions, or by IT infrastructure not belonging to the banks whose customers have reported issues.

For example, users of Comcast’s telecommunications business Xfinity reported more outages than usual coincident with the start of the CrowdStrike and Microsoft problems. The company operates a content delivery network (CDN) and domain name servers (DNS) that, if affected by the CrowdStrike and Microsoft problems, could cause problems that customers might not specifically attribute to Xfinity.

The root cause of the many problems appears to be a defect in a single update pushed by CrowdStrike to Windows hosts overnight. The company has provided updates on the defect and workarounds, which involve booting Windows into Safe Mode or Windows Recovery Environment and deleting a single system file.

CrowdStrike CEO George Kurtz said the issue has been identified, and a fix has been deployed, so the company is now working with impacted customers to ensure that their systems are back up.

“Today was not a security or cyber incident,” Kurtz said. “Our customers remain fully protected. We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption.”

Penny Crosman contributed to this article.