Black Friday Turns Servers Dark at Wal-Mart, Macys

Written by Evan Schuman
November 24th, 2006

Two key E-Commerce leaders? and themselves shut out of the holiday sales rush for much of Friday, as their sites slowed to a crawl starting at about 4 AM in the East.

Keynote Systems, which tracks Web traffic, saw the Wal-Mart site “effectively down” from 4:30 AM Friday (East Coast time) until 2:30 PM Friday, said Ben Rushlo, a Keynote senior manager of competitive research.

In the morning, Rushlo said, the site of the nation’s largest retailer was eight times slower than normal, with many unable to even reach the homepage. “Every request was either completely down?with an error message?or unusually slow,” he said.

Things changed at 1:15 PM when the site went down completely, apparently a deliberate move by Wal-Mart to try and fix the problem. Users were then greeted with a Wal-Mart maintenance page. About an hour later?at 2:30 PM?the site came up and functioned perfectly.

A Wal-Mart spokesperson–Amy Colella?was quoted by the Associated Press as blaming the problems on a “higher than anticipated traffic surge.” But 4:30 AM seems an unusually early time for such a surge, especially given that Wal-Mart’s site would presumably have been prepared for a huge traffic surge on Friday anyway.

That said, this year did see extremely early traffic surges at Wal-Mart’s brick-and-mortars, which absolutely would have prompted an online traffic spike. Ironically, the E-Commerce player that had been having periodic outages this year?Amazon?had a very uneventful day on Black Friday. One possible reason is that, unlike brick and mortars like Wal-Mart and Macys, Amazon is obviously always open 24×7, so it is less exposed to huge traffic surges as would Wal-Mart when it opens early for special events. Reports of huge lines out of Wal-Marts at 4 AM were flooding the Web.

Some industry observers speculated that it might have been an outsourced data center that was cause of the problem. Completely overloaded routers could have triggered such a situation, but the time of the impact makes that less likely. Another scenario was a denial-of-service attack, but the pattern of when the servers were back up makes that a less likely scenario.

Another key retailer who had problems on Friday was The parade people suffered what could be called The Disaster On 34th Street starting at about 4 AM, when their site was returning almost 100 percent error rates, according to a source familiar with’s Web operations but who requested anonymity. Their performance dropped to one-sixth is normal response time and it didn’t get repaired until about 2:15 PM.

The similarity of the times of both Macy’s and Wal-Mart’s outages?starting at 4 AM and 4:30 AM and completely resolving at 2:15 PM and 2:30 PM respectively?raised some initial questions about whether it was an Internet-wide problem, but the strengths of many other retail sites tended to eliminate that possibility. But the possibility that both sites were using the same data center seemed more likely, although that could not be confirmed.

On the good news front, the E-Commerce giant that was most closely watched on Friday? quite well, after some well-publicized outages. Amazon had a small hiccup on its site on Thanksgiving, but fared well on Black Friday itself, Rushlo said on Friday night. “? has been virtually perfect over the last two days, with no performance slowdowns and only a small period of performance stress when the XBOX 360 promotion was occurring,” he said. ? was clearly ready for the holiday rush.?


Comments are closed.


StorefrontBacktalk delivers the latest retail technology news & analysis. Join more than 60,000 retail IT leaders who subscribe to our free weekly email. Sign up today!

Most Recent Comments

Why Did Gonzales Hackers Like European Cards So Much Better?

I am still unclear about the core point here-- why higher value of European cards. Supply and demand, yes, makes sense. But the fact that the cards were chip and pin (EMV) should make them less valuable because that demonstrably reduces the ability to use them fraudulently. Did the author mean that the chip and pin cards could be used in a country where EMV is not implemented--the US--and this mis-match make it easier to us them since the issuing banks may not have as robust anti-fraud controls as non-EMV banks because they assumed EMV would do the fraud prevention for them Read more...
Two possible reasons that I can think of and have seen in the past - 1) Cards issued by European banks when used online cross border don't usually support AVS checks. So, when a European card is used with a billing address that's in the US, an ecom merchant wouldn't necessarily know that the shipping zip code doesn't match the billing code. 2) Also, in offline chip countries the card determines whether or not a transaction is approved, not the issuer. In my experience, European issuers haven't developed the same checks on authorization requests as US issuers. So, these cards might be more valuable because they are more likely to get approved. Read more...
A smart card slot in terminals doesn't mean there is a reader or that the reader is activated. Then, activated reader or not, the U.S. processors don't have apps certified or ready to load into those terminals to accept and process smart card transactions just yet. Don't get your card(t) before the terminal (horse). Read more...
The marketplace does speak. More fraud capacity translates to higher value for the stolen data. Because nearly 100% of all US transactions are authorized online in real time, we have less fraud regardless of whether the card is Magstripe only or chip and PIn. Hence, $10 prices for US cards vs $25 for the European counterparts. Read more...
@David True. The European cards have both an EMV chip AND a mag stripe. Europeans may generally use the chip for their transactions, but the insecure stripe remains vulnerable to skimming, whether it be from a false front on an ATM or a dishonest waiter with a handheld skimmer. If their stripe is skimmed, the track data can still be cloned and used fraudulently in the United States. If European banks only detect fraud from 9-5 GMT, that might explain why American criminals prefer them over American bank issued cards, who have fraud detection in place 24x7. Read more...

Our apologies. Due to legal and security copyright issues, we can't facilitate the printing of Premium Content. If you absolutely need a hard copy, please contact customer service.