<- Back to all posts
June 13, 2025

Analyzing the June 12 Internet Outage

Claude's after-action report from yesterday's "seven-hour digital nightmare"

What happened yesterday?

And how can we decentralize the web so it doesn't happen again?

Here's a Claude 4 Opus research report we're including in full. The prompt was, "Research the full situation of what happened with the internet outage on June 12 2025".

It's available also as a published Claude artifact here and PDF including sources here.

We'll have a lot more to say next week about our proposed solutions.

The June 12, 2025 Internet Outage: A Perfect Storm of Cloud Dependencies

On June 12, 2025, a misconfiguration in Google Cloud's Identity and Access Management (IAM) system triggered one of the most significant internet infrastructure failures in recent years, affecting millions of users globally for over seven hours. The outage exposed critical vulnerabilities in modern internet architecture, where a single authentication system failure cascaded through multiple major services, disrupting everything from music streaming to enterprise cloud computing.

What triggered the digital domino effect

The root cause emerged at 10:51 AM PDT when Google Cloud's IAM service experienced a misconfiguration that prevented authentication across over 40 Google Cloud locations and 26 core services. This wasn't just a simple server failure—it was a fundamental breakdown in the system that validates who can access what across Google's vast infrastructure. Without functioning authentication, services couldn't verify user identities or communicate with each other, creating an immediate and widespread impact.

The failure's severity became apparent when Cloudflare's Workers KV storage system, which relied on Google Cloud infrastructure, collapsed entirely. Despite being designed as a distributed "coreless" service, Workers KV maintained a critical dependency on centralized storage backed by Google Cloud. When Google's authentication failed, 91% of Workers KV requests failed, triggering secondary failures across Cloudflare's network including their Access authentication service, WARP VPN, and customer-facing dashboard.

Within hours, the cascading failures reached consumer services worldwide. Spotify peaked at 46,000 outage reports, Discord hit 11,000 reports, and services from Snapchat to Nintendo Switch Online went dark. The technical propagation followed a predictable but devastating pattern: authentication failures led to storage access failures, which prevented configuration loading, causing application crashes across thousands of interconnected services.

Geographic devastation spans continents

The outage's global reach reflected the centralized nature of modern cloud infrastructure. While the initial failure originated in Google Cloud's systems, the impact radiated across North America, Europe, and Asia-Pacific within minutes. The US-Central1 region in Iowa bore the brunt of the damage, experiencing extended outages that persisted until 11:00 PM PDT—over 12 hours after the initial failure.

Google Cloud, which delivers approximately 25% of worldwide internet traffic, saw its entire service portfolio crippled. Gmail, Google Drive, Google Meet, and Google Workspace—tools that millions rely on for daily work—became inaccessible. Simultaneously, Cloudflare's global network, protecting and accelerating millions of websites, experienced its own widespread failures affecting customers in every geographic region.

The human impact was staggering. Educational institutions lost access to Google Classroom and collaborative tools during active school hours. Healthcare providers using Google Workspace for communication faced disruptions. Software developers couldn't access GitHub Actions or deploy code through affected platforms. E-commerce sites dependent on Shopify experienced transaction failures during peak shopping hours.

Corporate giants scramble to respond

Google Cloud CEO Thomas Kurian issued a direct apology: "We regret the disruption this caused our customers." The company's initial response came 55 minutes after the outage began, acknowledging "service issues with multiple GCP products." However, Google's own infrastructure failures hampered their response—engineers couldn't access the Cloud Console to diagnose problems, forcing them to rely on backup "break-glass" procedures.

Cloudflare demonstrated exceptional transparency, publishing a detailed technical post-mortem acknowledging their responsibility despite the third-party trigger. "We're deeply sorry for this outage: this was a failure on our part," their statement read. The company committed to fundamental architectural changes, including removing singular dependencies on external storage infrastructure and enhancing redundancy within Workers KV.

Notably absent were immediate compensation announcements or regulatory responses. Despite the massive scale of disruption, the FCC issued no public statements, and affected services like Spotify and Discord pointed customers to Google's status pages rather than offering independent communications or service credits.

A seven-hour digital nightmare unfolds

The outage timeline reveals how modern internet failures cascade with frightening speed:

10:51 AM PDT: Google Cloud IAM fails, affecting 40+ locations and 26 services instantly.

11:19 AM PDT: Cloudflare's authentication systems begin failing as Workers KV collapses.

11:30 AM PDT: Consumer services crash en masse—Spotify, Discord, Snapchat report massive outages.

12:41 PM PDT: Google identifies the root cause, begins applying mitigations across regions.

1:16 PM PDT: Most Google services recover except US-Central1, but ripple effects continue.

4:57 PM PDT: Cloudflare declares full operational status after 2 hours and 28 minutes of outage.

6:18 PM PDT: Google achieves full recovery across all services—total duration: 7 hours, 27 minutes.

The extended recovery time highlighted the complexity of modern cloud systems. Even after Google identified and fixed the root cause, services required hours to fully restore as caches rebuilt, databases resynchronized, and authentication tokens regenerated across millions of instances.

Technical vulnerabilities exposed in stark relief

The incident revealed three critical architectural weaknesses in modern internet infrastructure. First, "distributed" systems aren't truly distributed—both Google Cloud and Cloudflare maintained hidden centralized dependencies that became single points of catastrophic failure. Cloudflare's Workers KV, marketed as a globally distributed service, failed completely when its central storage backend (hosted on Google Cloud) became unavailable.

Second, authentication systems represent massive architectural risk. Google's IAM failure didn't just prevent user logins—it broke inter-service communication, administrative tools, and even incident response systems. Modern applications' reliance on centralized identity providers creates cascading failures that can topple entire technology stacks.

Third, cloud provider interdependencies create hidden correlation risks. The revelation that Cloudflare depended on Google Cloud storage shocked many customers who assumed they were diversifying risk by using multiple providers. This hidden coupling meant that a single vendor's failure could simultaneously impact seemingly independent services.

The aftermath demands fundamental change

Both Google and Cloudflare announced significant architectural changes in response to the outage. Cloudflare committed to eliminating external storage dependencies, enhancing redundancy, and developing new recovery tools for progressive service restoration. Google promised a detailed post-mortem analysis and improvements to IAM service reliability.

The broader implications extend beyond technical fixes. Cloudflare's stock dropped 5% following the outage, highlighting investor concerns about infrastructure reliability. Enterprises are reconsidering single-cloud strategies, recognizing that even giants like Google can fail catastrophically. The incident may accelerate adoption of true multi-cloud architectures with active-active configurations rather than simple backup relationships.

Most critically, the outage demonstrated that our global digital infrastructure has become dangerously centralized. When a single authentication service can bring down hundreds of consumer applications, enterprise services, and critical infrastructure simultaneously, the internet's resilience model needs fundamental reconsideration.

Conclusion

The June 12, 2025 internet outage stands as a watershed moment in cloud computing history—not for its technical novelty, but for its stark demonstration of systemic fragility. A single misconfiguration in Google's IAM system triggered seven hours of global disruption, affecting millions of users and causing economic losses likely exceeding hundreds of millions of dollars.

The incident's true cost extends beyond immediate disruption. It revealed that our "distributed" internet relies on hidden centralized dependencies, that authentication systems represent critical vulnerabilities, and that cloud provider partnerships can create unexpected failure correlations. As organizations increasingly depend on cloud services for mission-critical operations, this outage serves as an urgent call for architectural reform, true redundancy, and a fundamental rethinking of how we build resilient digital infrastructure.

The technical lessons are clear: eliminate single points of failure, ensure true provider independence, and design for graceful degradation. But the broader lesson is more sobering—our interconnected digital world remains frighteningly fragile, and without significant architectural changes, future outages may prove even more devastating.