Compensation talk grows after CrowdStrike’s crippling outage

CrowdStrike, the cybersecurity company at the centre of a global IT outage that crippled economies, may be required to compensate Australian consumers.

The CrowdStrike outage hit about 8.5 million Windows-based computers and laptops – costing the global economy billions of dollars – as Australian businesses scrambled to restore services amid questions over costly compensation.

A software update from CrowdStrike – a Texas-based cybersecurity firm – sparked what is known as the “blue screen of death”, rendering Windows devices useless and knocking out big banks, supermarkets, hospitals and airlines on Friday.

Microsoft – which suffered a separate glitch at the same time on its cloud-based Azure service and Microsoft 365 suite – said the CrowdStrike fault affected about 1 per cent of Windows-based computers and laptops that are currently in use globally.

“While the percentage was small, the broad economic and societal impacts reflect the use of CrowdStrike by enterprises that run many critical services,” Microsoft vice-president for enterprise and OS security David Weston said.

“This incident demonstrates the interconnected nature of our broad ecosystem — global cloud providers, software platforms, security vendors and other software vendors, and customers.”

Passengers wait at the Jetstar check in terminal at Melbourne Airport. Picture: Getty Images

The outage is expected to cost the global economy billions of dollars. In NSW alone, the damage bill is expected to top $200m, according to Business NSW.

When asked how it planned to compensate customers, a CrowdStrike spokesman declined to comment and referred to pre-prepared statements issued by the company.

However, the company’s website states that under Australian law it is required to compensate customers in the event of a major failure of one of its products.

The company said it was required under Australian law to allow customers to end a service contract and either to refund the unused portion of the contract or to compensate for the product’s reduced value.

“For major failures with the service, you are entitled: (i) to cancel your service contract with us; and (ii) to a refund for the unused portion, or to compensation for its reduced value. You are also entitled to choose a refund or replacement for major failures with goods,” the terms and conditions read.

The company states that if a failure does not amount to a “major failure”, customers are entitled to a refund for the goods and a refund of any unused portion.

“You are also entitled to be compensated for any other reasonably foreseeable loss or damage from a failure in the goods or service,” the terms read.

Big customers included the top four banks, Coles, Woolworths, Bunnings, Telstra and Qantas.

Customers at Australia’s biggest bank, Commonwealth Bank, were initially unable to complete PayID transactions online but a CBA spokeswoman said access was restored on Friday evening. An Australia Post spokeswoman also said the outage hit its online payments business, SecurePay, which is used by more than 40,000 businesses. The spokeswoman said it hindered the ability of some customers to complete transactions.

CrowdStrike chief executive George Kurtz. Picture: Adam Yip

Data from aviation analytics company Cirium showed flights in Australia continued to be affected by the CrowdStrike outage on the weekend, with 77 flights cancelled on Saturday and 40 per cent of services delayed, sparking chaos and long lines at airports.

Jetstar confirmed its schedules had stabilised by Saturday afternoon following a nightmarish Friday when more than 150 flights in total were axed.

The impacts to Virgin Australia and Qantas were less dramatic with only a handful of flight disruptions.

A Jetstar spokeswoman said the global software issue affected multiple systems across the airline including those used to communicate with customers.

The outage caused some “holdups” for customers at Australia’s biggest telco, Telstra. A spokesman said these issues were resolved on Saturday afternoon but warned of a spike in scams from criminals seeking to exploit the outage. He declined to say how much the outage cost Telstra or whether it would seek compensation from CrowdStrike.

“Customers should be aware of increased scam and phishing activity following the event, including being suspicious of any contact (email, SMS or phone call) from people claiming to be from CrowdStrike, Microsoft or Telstra, claiming they can help fix their IT issues. We ask customers to be alert to this activity and not click on links in SMS or email that are not from a verified source,” the Telstra spokesman said.

He said calls to triple-0 and Telstra’s fixed and mobile network remained unaffected by the outage.

The nation’s supermarkets were mostly back online over the weekend, both the check-outs at the physical stores and online platforms, with Coles saying its supermarkets across the country were open and trading.

“Some registers may be temporarily unavailable while we fully recover. We are putting on extra team members to assist customers with their shopping, and we thank everyone for their patience,” the supermarket giant said.

It said many of its Liquorland, Vintage Cellars and First Choice Liquor stores will also be trading, with remaining liquor stores to re-open as soon as systems were restored.

A spokesman for Woolworths said all of its stores except for six were open and trading.

“In some cases, customers may find less registers available than normal so we’re grateful for their patience,” the spokesman said.

AMP head of investment strategy, Shane Oliver, said the global outage was brief and was unlikely to have had a huge economic impact beyond disruptions that will have to be made up for. However, he was expecting a backlash.

“The global IT outage on Friday impacting many Microsoft Windows computer systems will likely further fuel the backlash against globally integrated supply chains in favour of state intervention with protectionist measures. It’s also a reminder to always carry a bit of cash,” he said.

CrowdStrike also has federal government contracts, totalling more than $4.2m, with the Department of Defence, Australian Signals Directorate and Future Fund. The outage prompted crisis meetings with the Albanese government over the weekend.

Mr Weston said Microsoft was “working around the clock” to provide “ongoing updates and support” to resolve the outage, which some experts say will take days, if not weeks.

“Additionally, CrowdStrike has helped us develop a scalable solution that will help Microsoft’s Azure infrastructure accelerate a fix for CrowdStrike’s faulty update,” Mr Weston said.

“We have also worked with both AWS (Amazon Web Services) and GCP (Google Cloud Platform) to collaborate on the most effective approaches.

An error blue screen is displayed at a currency exchange store at the Hong Kong International Airport on Friday. Picture: Getty Images

“We recognise the disruption this problem has caused for businesses and in the daily routines of many individuals. Our focus is providing customers with technical guidance and support to safely bring disrupted systems back online.”

The CrowdStrike outage is the latest blunder in cloud computing. In May, Google accidentally deleted UniSuper’s entire subscription base on its cloud service, locking out the fund’s 600,000-plus members from their accounts for days.

Mr Weston said the CrowdStrike outage was a “reminder of how important it is for all of us across the tech ecosystem to prioritise operating with safe deployment and disaster recovery using the mechanisms that exist”.

“As we’ve seen over the last two days, we learn, recover and move forward most effectively when we collaborate and work together. We appreciate the co-operation and collaboration of our entire sector, and we will continue to update with learnings and next steps.”

CrowdStrike CEO George Kurtz apologised to customers and said he understood the “gravity of the impact of the situation”.

“We quickly identified the issue and deployed a fix, allowing us to focus diligently on restoring customer systems as our highest priority,” he said.

“The outage was caused by a defect found in a Falcon content update for Windows hosts. Mac and Linux hosts are not impacted.”

Asked on CNBC why CrowdStrike didn’t opt for a phased approach to the upgrade – which host Jim Cramer said was “irresponsible” – Mr Kurtz said the company “had been doing this a long time” and “not all of our customers were impacted”.

“Traditionally goes out in a phased approach. So it initially went out and we started to see some issues, and then pulled it back so not all of our customers are impacted,” he said.

“As soon as we saw this issue, which didn’t manifest itself before we obviously sent it out, we rolled it back. And you know now we’re dealing with the impacted systems.”

Australian Chamber of Commerce and Industry chief executive Andrew McKellar on Sunday conceded the global IT outage had a major impact but it was difficult to estimate the total cost to business due to the disrupted trade, failed websites and other business disruptions.

“There’s no doubt that’s cost a lot of businesses, time, money, lost sales. It’s been inconvenient for consumers. It’s been inconvenient for travellers. So look, it’s very hard to put a dollar figure on that. Those losses will be there. In the circumstances I think there’s been a concerted effort to get systems back up and running as quickly as possible. So I think from that point of view, business is at least grateful for that effort.”

He said the outage on Friday was “very regrettable in the circumstances”.

“It’s unfortunately unavoidable, at least it is not the result of a security hack or a compromised security system. It’s part of the unfortunate reality of working in a very connected economy.

“The other thing I just say in relation to Friday is I do compliment the way that the government, the way that officials have responded to this. So the government stood up the national co-ordination mechanism very quickly.”

Businesses all around the world were affected by CrowdStrike outage. Picture: David Clark

He said CrowdStrike had been involved in meetings to wade through the problem alongside business and government.

“I think that’s been prompt and I don’t think we could have asked for much more in the circumstances.”

Mr McKellar said the IT systems collapse highlighted in-built vulnerabilities in the nation’s IT infrastructure and would serve as important lessons going forward.

“There are going to be lessons coming out of this. I think lessons across the board from a commercial point of view for the IT suppliers for industry more generally in terms of how we try and build those safeguards into the system. For many of the users, there’s not a lot they can do. We do have those vulnerabilities and we really are looking for the suppliers for the IT industry to minimise this risk for the future as much as possible.”

Additional reporting: Joseph Lam

Originally published as Compensation talk grows after CrowdStrike’s crippling outage


Original URL: https://www.thechronicle.com.au/business/compensation-talk-grows-after-crowdstrikes-crippling-outage/news-story/643c3659b622e41f478d50058154f6f5