Amazon Web Services (AWS) suffered a major outage this week that left a large portion of the internet offline, exposing the world’s growing dependence on a small group of cloud providers.
The outage, which began late on Oct. 19 and lasted through much of the following day, originated in AWS’s US-East-1 region, one of the company’s largest and most heavily used data hubs.
A problem with the system that helps computers find and connect to DynamoDB — one of AWS’s main database tools — caused a chain reaction.
Because many other AWS services depend on DynamoDB to store and access data, the issue spread quickly, disrupting login systems, app functions and background processes that rely on it.
As a result, websites and apps used by millions, including Amazon.com, Prime Video, Coinbase, Delta Air Lines and even U.K. government services such as HMRC experienced significant downtime.
Smart home systems, banking apps, social media sites and streaming platforms were also affected.
AWS has since confirmed that all services have been fully restored, but the incident has reignited debate about the resilience of the cloud, the concentration of digital power and how dependent global commerce has become on a handful of providers.
A single point of failure
“AWS powers millions of websites and applications, elevating a technical glitch from an inconvenience to a global disruption,” said Brent Ellis, principal analyst at Forrester.
“This particular outage exposes core issues with cloud resilience and the dangers of concentration risk — when so many companies become dependent on a single provider or even a single region.”
Ellis highlighted that since the disruption was not confined to AWS’s internal dependencies, and DynamoDB supports analytics, machine learning and search functions across the platform, its failure spread rapidly.
“Assuming tech giants are too big to fail is a mistake,” Ellis said. “When core services like DNS fail, even well-designed systems can become unstable.”
Social engineering risk rises
Beyond the technical disruption, experts point out that the outage created fertile ground for cybercriminals.
Attackers often exploit large-scale outages to launch social engineering campaigns, impersonating service providers to trick users into revealing credentials or downloading malicious updates.
“Hackers can easily take advantage of these types of outages,” said Stefanie Schappert, senior journalist at Cybernews. “Whether in the office or at home, nothing is more frustrating than losing the ability to access files and documents.”
She explains that cybercriminals will send out phishing emails offering to “fix” the issue, but in reality, these scammers are looking to steal your personal information, such as login credentials.
Users were urged to verify all communications from banks, cloud providers and app services through official websites rather than email links. Delaying password resets or financial transactions until services are confirmed restored can also reduce exposure to scams.
Testing resilience — human and technical
Rukmini Reddy, senior vice president of engineering at PagerDuty, also stressed that outages are inevitable, even for companies “spending tens of millions on infrastructure.”
“What separates winners from losers is preparation,” Reddy said. “In today’s environment, detecting and responding to disruption is as critical as building the technology itself.”
PagerDuty, which helps organizations manage incident response, said it remained online throughout the AWS disruption — an outcome Reddy attributed to diversified systems, clear processes and redundant partnerships.
Analysts argue that such diversification, whether through multiregion or multicloud strategies, is increasingly essential.
“Convenience often overshadows the complexity of navigating nested dependencies in concentrated environments,” Ellis added.
“This outage should remind organizations that resilience isn’t just about uptime — it’s about visibility, preparedness, and the ability to operate through disruption.”