Incident Database
The Most Expensive Tech Outages Ever
Updated April 2026 · 17 documented incidents with sourced cost estimates
Most Expensive (Sourced Estimates)
CrowdStrike Jul 2024
$5.4B+
Fortune 500 losses (Parametrix)
Meta Oct 2021
$100M+
Direct + $60B market cap loss
Change Healthcare 2024
$800M+
Reported by UnitedHealth
AWS us-east-1 Dec 2021
$150M+
7-hour networking outage
Toyota Feb 2022
$375M
Supplier cyberattack, 1-day halt
Delta (CrowdStrike cascade)
$500M
5 days of flight cancellations
Full Outage Database
| Incident | Date | Duration | Est. Cost | Cause | Source | |
|---|---|---|---|---|---|---|
| CrowdStrike Falcon Update | Jul 2024 | ~8 hours (recovery days-weeks) | $5.4B+ | Faulty configuration update | Parametrix 2024 | Details |
| Meta (Facebook) Global Outage | Oct 2021 | ~6 hours | $100M+ (+$60B mkt cap) | BGP routing error | Meta disclosure | |
| Delta Air Lines (CrowdStrike cascade) | Jul 2024 | 5 days of cancellations | $500M est. | CrowdStrike-caused IT failure | Delta disclosures | Details |
| AWS us-east-1 Outage | Dec 2021 | ~7 hours | $150M+ est. | Networking device issue | AWS post-incident | Details |
| AWS S3 us-east-1 | Feb 2017 | ~4 hours | $150M+ est. | Operator error (too many servers removed) | AWS post-incident | Details |
| Cloudflare Nov 2025 | Nov 2025 | ~3 hours | $250M+ mkt cap impact | Network config change | Industry estimate | |
| AWS Oct 2025 | Oct 2025 | ~15 hours | $40M+ est. | Multiple service failures | Industry estimate | Details |
| TSB Bank Migration | Apr 2018 | ~2 weeks (partial) | £330M + £48.65M fine | Failed IT migration | FCA reports | |
| GitHub Extended Outage | Oct 2018 | ~24 hours (partial) | $10M+ est. | Database corruption cascade | GitHub post-incident | |
| Fastly Global CDN Outage | Jun 2021 | ~1 hour | $100M+ est. | Software bug triggered by customer config | Fastly post-incident | |
| CenturyLink Network Outage | Aug 2020 | ~5 hours | $100M+ est. | BGP routing announcement error | FCC reports | |
| Google Cloud Multi-region | Jun 2019 | ~4 hours | $50M+ est. | Configuration change | Google post-incident | |
| Change Healthcare Ransomware | Feb 2024 | Months | $800M+ reported | Ransomware (ALPHV/BlackCat) | UnitedHealth disclosures | Details |
| Robinhood (COVID volatility) | Mar 2020 | Multiple days | $70M fine + suits | Infrastructure overload | FINRA 2021 | Details |
| Azure Nov 2023 (Teams/M365) | Nov 2023 | ~8 hours | $50M+ est. | DNS change cascade | Microsoft post-incident | Details |
| JBS Foods Ransomware | May 2021 | ~1 week | $11M ransom + $100M+ | REvil ransomware | JBS disclosure | |
| Toyota / Kojima Industries | Feb 2022 | 1 day (14 plants) | ~$375M production loss | Supplier cyberattack | Toyota disclosure | Details |
Cost estimates are sourced from company disclosures, regulatory filings, and independent analyst research where available. Market cap figures reflect single-day movements and may not represent permanent losses. All figures in USD unless noted.
Cause Category Distribution
Uptime Institute 2025: configuration errors and software bugs now account for more than half of significant outages.
Patterns in Major Outages
Single point of failure in widely-adopted software
CrowdStrike, Fastly, CenturyLink: when a change to a widely-deployed system is incorrect, the blast radius is massive. Monocultures of infrastructure dependency are the underlying cause.
Automated delivery amplifies the failure
Manual software updates catch issues before full deployment. Automated update pipelines (continuous delivery) push failures to 100% of systems simultaneously. CrowdStrike's channel file update bypassed staged deployment.
Recovery is always harder than expected
The CrowdStrike recovery required manual intervention on 8.5 million machines - there was no automated rollback because the sensor crashed before it could roll back. This is the hidden cost of outages: recovery engineering is rarely fully planned.
Supply chain dependencies are invisible risk
The Toyota/Kojima incident and the Delta/CrowdStrike cascade show that your outage risk extends to your suppliers and vendors. Third-party risk assessment is lagging behind actual dependency.