WASHINGTON (AP) — An executive at cybersecurity company CrowdStrike apologized in testimony to Congress for sparking a global technology outage over the summer.
“We let our customers down,” said Adam Meyers, who leads CrowdStrike’s threat intelligence division, in a hearing before a U.S. House cybersecurity subcommittee Tuesday.
Austin, Texas-based CrowdStrike has blamed a bug in an update that allowed its cybersecurity systems to push bad data out to millions of customer computers, setting off a global tech outage in July that grounded flights, took TV broadcasts off air and disrupted banks, hospitals and retailers.
“Everywhere Americans turned, basic societal functions were unavailable,” House Homeland Security Committee Chairman Mark Green said. “We cannot allow a mistake of this magnitude to happen again.”
The Tennessee Republican likened the impact of the outage to an attack “we would expect to be carefully executed by a malicious and sophisticated nation-state actor”.
“We’re deeply sorry and we are determined to prevent this from ever happening again,” Meyers told lawmakers while laying out the technical missteps that led to the outage of about 8.5 million computers running Microsoft’s Windows operating system.
Meyers said he wanted to “underscore that this was not a cyberattack” but was, instead, caused by a faulty “rapid-response content update” focused on addressing new threats. The company has since bolstered its content update procedures, he said.
The company still faces a number of lawsuits from people and businesses that were caught up in July’s mass outage.