A massive global internet outage linked to Cloudflare caused major websites and public services to slow down or stop working. Cloudflare blamed a routine configuration change, but cybersecurity experts doubt this explanation.
When one of the biggest internet companies in the world suddenly collapses, everyone who depends on it feels the shock. That is exactly what happened during the latest global outage linked to Cloudflare, a company that handles traffic for about one-fifth of all websites in the world. For a firm that promises to ‘build a better internet,’ the blackout was embarrassing and frightening at the same time. Millions of users worldwide were affected, including people using X, ChatGPT, Spotify, Shopify and even important public services like transport and emergency offices.
How the Cloudflare outage began
The problem started early on Tuesday at 6:48 am Eastern Time. Users around the world suddenly struggled to load websites, apps and online services. By mid-morning, the impact was everywhere. Popular sites slowed down, froze or went offline. Even services used by governments and transport systems were affected. New Jersey Transit, New York City’s Emergency Management offices and France’s national railway SNCF were all hit. Cloudflare said it had put a fix in place by 9:42 am, and services were fully restored by 12:44 pm.
Cloudflare apologises and explains what went wrong
Cloudflare’s Chief Technology Officer, Dane Knecht, apologised publicly.
“I won’t mince words: earlier today we failed our customers and the broader Internet,” he said. The outage caused ‘real pain’ and the “time to resolution is unacceptable”.
Knecht explained that the crash was caused by a routine configuration change that unexpectedly spread across Cloudflare’s network and damaged several services. He also made one thing clear, “This was not an attack”.
Experts doubt the official explanation
Even though Cloudflare insists there was no cyberattack, some experts are not convinced. Cybersecurity specialist James Knight, who has 30 years of experience and has worked on classified cyber operations, told the Daily Mail that the situation ‘does not really smell right’. He said companies like Cloudflare normally have huge levels of backup, meaning a single change should not break the entire system. Updates are also usually tested many times before going live. Because of this, Knight said he is ‘very suspicious’ about the official explanation.
Why Cloudflare’s role makes the outage so dangerous
Most internet users think they connect directly to websites like Uber, LinkedIn or Zoom. But that is not true. In reality, their connection often passes through one of Cloudflare’s 330 data centres around the world. Cloudflare acts like a door or gatekeeper, speeding up connections and protecting websites from attacks. A popular meme after the blackout showed Cloudflare as two tiny matchsticks holding up a tall stack labelled ‘The Entire Internet’. This gatekeeper role also makes Cloudflare a valuable target for hackers and foreign cyberwarfare units.
Cloudflare has been targeted before
In September, Cloudflare said it stopped the largest DDoS attack ever recorded, where attackers tried to crash systems by flooding them with fake traffic. That attack hit 11.5 terabytes per second, equal to downloading all of Netflix’s content every second. And that came just months after another record attack of 7.3 terabytes per second. Knight says only a few powerful groups, possibly state-linked, could carry out attacks at that scale, mentioning countries like Russia and China as likely actors.
Why the outage is raising global questions
The Cloudflare failure comes soon after a major blackout at Amazon Web Services (AWS) in September. Amazon also blamed a ‘system update’ and said it was not a cyberattack. But cybersecurity analysts see a pattern: major internet companies collapsing after simple internal updates. Cloudflare’s outage has reignited debates on how much truth companies and governments share about digital threats. Knight says the US government may sometimes ask companies to hide the scale of attacks to avoid panic or national security risks. He also warned that more outages are likely.
What this means for the future
The Cloudflare crash has exposed a worrying truth: the global internet relies heavily on a few private companies, and when even one of them goes down, the world can feel the impact in minutes. Many experts now say the outage should be a wake-up call for governments, businesses and everyday users to think about how fragile the digital world can be.