A worldwide outage at the network of cybersecurity firm Cloudflare Inc. has been resolved after several hours of disruption on Tuesday.
The outage had taken down the websites for everything from the chief US energy regulator, ChatGPT, the New Jersey transit authority and the social-media platform X. ChatGPT and X were among the services that were back online by 10 a.m. New York time.
A Cloudflare spokesperson said the company observed a “spike in unusual traffic” to one of its services around 6:20 a.m. ET, causing some traffic passing through its network to experience errors. The issue was fixed within six hours, according to the company.
The cause of the outage was a configuration file that is automatically generated to manage threat traffic, Jackie Dutton, a Cloudflare spokesperson said in a statement. There was no evidence of a cyberattack or malicious activity, the statement said.
“The file grew beyond an expected size of entries and triggered a crash in the software system that handles traffic for a number of Cloudflare’s services,” said Dutton.
The company has experienced several outages over the past few years.
In July 2019, a bug in Cloudflare’s software caused one part of its network to suck up computing resources, leading thousands of websites including that of Discord, Shopify Inc., SoundCloud and Coinbase around the world to go offline for as long as 30 minutes. In June 2022, Cloudflare suffered an outage that affected traffic in 19 of its data centers, also essentially shutting down major websites and services in an incident that lasted about an hour and a half.
Cloudflare’s software is used by hundreds of thousands of companies globally, acting as a buffer between their websites and end users and working to protect their sites from attacks that might overload them with traffic.
Last year, a faulty software update from the cybersecurity firm CrowdStrike Holdings Inc. crashed millions of devices operating on Microsoft Corp.’s Windows systems, disrupting a wide range of industries, including air travel, banks and health care.
CrowdStrike’s outage was the result of an error in a product that operates at the deepest levels of customers’ computers. By contrast, Cloudflare protects internet infrastructure such as websites and platforms, which is why many popular websites go down or are unreliable during Cloudflare outages. Cloudflare largely focuses on keeping websites online and fast, while CrowdStrike focuses on keeping computers and servers safe from attacks.
The down time Tuesday is the latest example of the internet’s reliance on “relatively few players,” Alan Woodward, professor of cybersecurity at University of Surrey, said, while describing Cloudflare as the “the biggest company you’ve never heard of.”
Anthropic PBC said its Claude AI chatbot was affected on Tuesday.
The website for the Federal Energy Regulatory Commission, which oversees US electricity markets, utilities, power traders and other energy-related matters, was also down. A host of companies, attorneys and regulators depend on the site to access regulatory cases and filings.
The websites of global food and agricultural giants including Cargill Inc. and Louis Dreyfus Co. were also down in the New York morning due to the Cloudflare outage.
“People have no choice but to depend on relatively few big names,” said Woodward.
In a notice sent just after 8 a.m. New York time, New Jersey Transit said both its website and its mobile app were affected by the Cloudflare outage and warned that services may be temporarily unavailable or slow. New Jersey Transit tickets were still being collected, according to spokesman Jim Smith.
“Our teams are monitoring the situation closely and will restore full functionality as soon as the vendor implements a fix,” he said.
A similar outage at Amazon.com Inc.’s cloud service last month stretched for about 15 hours, disrupting operations at major firms including Apple Inc., McDonald’s Corp., and Epic Games Inc. According to the company, the problem stemmed from a fault in a digital directory tied to a critical database system. That glitch triggered a chain reaction, preventing software dependent on the database from accessing essential information.
While addressing the malfunction, Amazon’s engineers discovered that additional subsystems had also been affected, including one crucial for enabling customers to spin up new rented servers.
Photo: Cloudflare headquarters in San Francisco. Photographer: David Paul Morris/Bloomberg
Was this article valuable?
Here are more articles you may enjoy.
Parkland Shooting Wasn’t Multiple Incidents With Multiple Deductibles, Court Says 
With Earnings Up and Rates Dropping, Big National Execs Celebrate Florida Reforms 
70% of Drivers Say They’ve Felt Unfairly Judged by Auto Insurers: Arity Report 
Marsh Sues More Former Employees Over ‘Scheme’ to Open Howden US 
