Delta Rebuffs CrowdStrike Criticism, Sees $500M Hit From Cyber ​​Outage

Delta Air Lines said Thursday it is filing legal action against CrowdStrike and Microsoft after a global outage last month caused mass flight cancellations, disrupting the travel plans of 1.3 million customers and costing at least $500 million .

A software update last month by global cyber security firm CrowdStrike triggered system problems for Microsoft customers, including many airlines. Disruption persisted at Delta even as it eased the next day at other major US carriers.

The Atlanta-based carrier canceled about 7,000 flights over five days. It also faces an investigation by the US Department of Transportation for the outages.

“An operational disruption of this length and magnitude is unacceptable, and our customers and employees deserve better,” Delta CEO Ed Bastian said in a Thursday SEC filing.

Outages that lasted for days triggered a blame game. Bastian blamed both CrowdStrike and Microsoft for failing to provide “exceptional service.”

Both tech companies rejected Delta’s claim that they should be blamed for the flight disruptions.

On Sunday, CrowdStrike said it would respond “aggressively” to protect its shareholders, employees and other stakeholders if Delta files a lawsuit.

Guy Carpenter: CrowdStrike ‘Kitty Cat’ Outage Caused $300M – $1B In Insured Losses

Microsoft also vowed to “vigorously” defend itself, saying its preliminary review suggested that Delta, unlike its competitors, apparently had not modernized its IT infrastructure.

In a letter to CrowdStrike on Thursday, David Boies, who represents Delta, said the airline was “surprised and disappointed by CrowdStrike’s decision to attempt a ‘blame the victim’ defense.”

“There is no basis — none — to suggest that Delta was in any way responsible for the faulty software that crashed systems around the world, including Delta’s,” Boies wrote.

He said Delta has invested billions of dollars in information technology and attributed the airline’s struggle to restore operations to its reliance on CrowdStrike and Microsoft.

A CrowdStrike spokesperson said Delta was promoting a “misleading narrative.” “CrowdStrike and Delta teams worked closely together within hours of the incident,” the spokesperson said.

Delta said it expects a direct revenue hit of $380 million from the outage in the current quarter due to refunds to customers for canceled flights and cash and miles compensation to frequent flyers.

The company reported additional expenses of $170 million as a result of customer reimbursements and crew-related costs. However, the flight cancellations are expected to reduce the fuel bill by $50 million, Delta said.

Delta told US lawmakers that the flawed CrowdStrike update “affected more than half of Delta’s computers, including many of Delta’s workstations at every airport in the Delta network.”

(Reporting by Rajesh Kumar Singh in Chicago and David Shepardson in Washington; Editing by David Gregorio and Diane Craft)

TOPICS
Cyber