Half the City of Portland’s Systems Went Down During Global Microsoft CrowdStrike Software Outage

Mayor Ted Wheeler says first responder response times were not impacted and half the city’s systems are back online.

Portland Mayor Ted Wheeler. (Blake Benard)
By Sophie Peel

The global Microsoft CrowdStrike software outage that impacted hospitals, banks and governments across the world did not spare the city of Portland.

In a Friday morning press conference, a bleary-eyed Mayor Ted Wheeler said that half of the city’s 487 systems, both internal and external, were impacted during the global outage that began late Thursday night and extended into the wee hours of Friday morning.

Wheeler emphasized that no Portlander who called 911 during the outage experienced issues connecting with the city’s first responder system: Shad Ahmed, director of the Portland Bureau of Emergency Management, says dispatchers switched to a manual logging system for calls until their internal software was fixed. “At no time were 911 calls interrupted,” Ahmed said, “just the internal systems to track those calls.”

Still, 266 of the city’s 487 systems remain affected as of Friday morning. Wheeler said city staff is working diligently to get everything back online, but said little about what the potential—or current—impacts of those shortages are on city functions. “My primary concerns were police and fire. as we’ve seen police and fire come back online, we’re starting to deal with the lower priority systems.” Ahmed said that internal systems that deal “with how we do finance to payroll, those are all online.”

“As a city,” Ahmed said, “we’re in pretty good shape right now.”

Another concern amid the ongoing outage: The global mayhem among many of the world’s biggest financial institutions is a feasting ground for criminal activity.

Ahmed warned businesses that criminals may use the outage to pose as CrowdStrike employees to gain access into data centers and financial systems. “Our federal partners are reminding us that there is a potential for criminal actors to exploit this vulnerability by impersonating the CrowdStrike staff. We urge all businesses to remain vigilant and not respond to unsolicited communications from unknown contacts.”

But city officials at the press conference wouldn’t say if any city employee had been the subject of an impersonation attempt. “It’s an evolving situation...I don’t think I can speak to, right now, what we’ve experienced as a city.” When pressed, Ahmed said: “I’m not going to be able to speak to that at this time.”




Willamette Week’s reporting has concrete impacts that change laws, force action from civic leaders, and drive compromised politicians from public office. Support WW's journalism today.