CrowdStrike shares fell by 13% on Monday as the cybersecurity firm dealt with the aftermath of a major outage that affected millions of Microsoft Windows devices. Last Friday, an update to CrowdStrike's Falcon vulnerability-protection software caused widespread crashes, impacting PCs, servers, and display screens. This disruption led to grounded flights and cancelled medical appointments, affecting 8.5 million Windows devices, less than 1% of the global total, according to Microsoft.
IT teams rushed to fix the affected devices, while hackers took advantage of the chaos by creating fake websites offering software updates. CrowdStrike's CEO, George Kurtz, addressed the incident on CNBC, explaining the steps the company was taking to resolve the issue.
The company's shares had already dropped 11% on Friday. Over the weekend, social media was flooded with images of the "blue screen of death" on Windows devices, signaling severe system errors. By Sunday, CrowdStrike announced it was testing a faster method to repair the impacted machines.
In response to the incident, Guggenheim Securities downgraded CrowdStrike's stock from "buy" to "neutral." Analysts, led by John DiFucci, noted that while they respect CrowdStrike's leadership, the company might face challenges in recovering its reputation and securing new contracts. This downgrade reflects concerns about CrowdStrike's future revenue potential.
Despite these setbacks, Goldman Sachs maintained a "buy" rating on CrowdStrike, albeit with caution. Analysts at Goldman Sachs, led by Gabriela Borges, predicted that deal closures might slow down temporarily due to the outage, but they did not foresee significant market share shifts in the endpoint security sector.
Goldman Sachs compared the current situation to a 2010 incident involving McAfee, where a software update caused similar widespread crashes. McAfee's then-CEO, Dave DeWalt, reported a significant revenue impact from the incident. Interestingly, George Kurtz was McAfee's chief technology officer at that time. Shortly after the McAfee incident, Intel acquired the company for $7.7 billion.
CrowdStrike stated in a regulatory filing on Monday that they are still assessing the impact of the outage on their business operations. The company emphasized its commitment to resolving the issue and restoring its services.