CrowdStrike outage brings its top investors $10B in paper losses

The top 50 shareholders in cybersecurity company CrowdStrike Holdings Inc. are sitting on paper losses of more than $10 billion in the wake of a massive IT outage triggered by a company software update, according to an analysis performed by the S&P Global Market Intelligence.

In the first two days of trading after the outage, shares in CrowdStrike dropped more than 25% as investors assessed the magnitude of the situation.

While most of the impacted investors are passive funds such as BlackRock Inc. and Vanguard Group Inc., there are some active investors and insiders that saw the value of their CrowdStrike stock holdings drop precipitously in a few days.

CrowdStrike company founder and CEO George Kurtz' stock in the company lost $634 million in value between market close on July 18 and 22. Venture capital firm Accel Partners is sitting on losses of about $430 million. Accel first invested in CrowdStrike in 2012 shortly after the company launched. At the time, the startup was reportedly valued at $51 million.

Past incidents

Analysts say it could take some time for Wall Street to fully assess the implications of the July 19 outage.

"Our initial reaction on Friday was seeing a 10%+ pullback in a high-quality stock as a buying opportunity," Deutsche Bank analysts said in a research note. "However, we have since come to better appreciate the gravity and disruptiveness of the situation."

According to CrowdStrike, a technical update from the company caused Microsoft Corp. Windows to continually restart. Microsoft estimated that 8.5 million Windows devices were affected. CrowdStrike apologized and indicated it is prepared to compensate affected customers.

Casey Ryan, an analyst at WestPark Capital, said in a note that the fallout post-incident "could drag into 2025."

While cybersecurity firms release updates often and errors sometimes slip in, the magnitude of the CrowdStrike outage dwarfs any other similar incident. This is due both to the popularity of CrowdStrike products and the widespread move towards digitalization across industries.

The last time a similar error caused a large IT disruption was in 2010, when McAfee LLC released a faulty security update that impacted about 1,600 enterprise customers and 11,000 consumer customers. McAfee reported about $15 million in lost revenue following the incident, largely relating to customer discounts the company offered in the aftermath. McAfee was sold to Intel Corp. later that year.

Investors bet on competitors

While CrowdStrike's shares have fallen in the wake of the July 19 incident, some of its competitors, such as SentinelOne Inc. and Palo Alto Networks Inc., have seen their stocks rise. Investors expect customers to diversify their IT and security vendor choices in response to the CrowdStrike incident.

"I would expect organizations will be looking at alternatives," said Scott Crawford, cybersecurity industry analyst and research director with S&P Global Market Intelligence 451 Research, in an interview. "But we are also seeing them address an even more fundamental issue with the fragility of IT interdependencies revealed by this incident."

SentinelOne shares were up more than 26% over the past 30 days ended July 22, while CrowdStrike's stock was down 30%. Palo Alto shares were up about 4% over the same period.