Skift Take
In the latest tit-for-tat between Delta, CrowdStrike and Microsoft, Delta is claiming that CrowdStrikeâs offer of onsite assistance came after it restored most of its critical systems.
Delta Air Lines fired back at CrowdStrike Thursday, saying the cybersecurity firm is taking a âblame the victimâ defense.
In a letter sent to CrowdStrikeâs attorney, Deltaâs lawyer David Boies said CrowdStrike failed to provide an âautomaticâ solution to resolve an IT outage that eventually turned into a meltdown for Delta.
âThere is no basis â none â to suggest that Delta was in any way responsible for the faulty software that crashed systems around the world, including Deltaâs,â Boies wrote. CrowdStrike has not suggested that Delta was responsible for the July 19 outage, but that it shouldnât be blamed for Deltaâs five day-long meltdown.
While other airlines recovered quickly from the July 19 CrowdStrike outage, it took Delta much longer to bounce back. The carrier canceled around 7,000 flights.
Delta is now expecting to take a $380 million revenue hit during the third quarter, according to a regulatory filing posted Thursday. The carrier will also incur $170 million in expenses related to customer reimbursements and crew costs.
CEO Ed Bastian told CNBCâs âSquawk Boxâ last week that the carrier had âno choiceâ but to sue CrowdStrike and Microsoft.
Boiesâ letter refutes most of the claims from CrowdStrike. However, the letter does not directly address Microsoftâs claims. Microsoftâs attorney sent a letter to Delta on Tuesday that claimed outdated technology most likely caused Deltaâs meltdown.Â
âRather than continuing to try to evade responsibility, I would hope that CrowdStrike would immediately share everything it knows,â Boiesâ letter read. âIt will all come out in litigation anyway.â
Delta Claims CrowdStrike Wasn’t Proactive
CrowdStrike said on Monday that it offered Delta onsite assistance for the meltdown, but Delta refused. The cybersecurity firmâs lawyer also said that its CEO contacted Bastian, but got no response.
Now, Delta is claiming that CrowdStrike CEO George Kurzâs offer of help was âunhelpful and untimely.â Boies wrote that the offer came four days after the IT outage and by that time, Delta had already restored most of its critical systems.
âMany of the remaining machines were located in secure airport areas requiring government-mandated access clearance,â the letter read. âBy that time Deltaâs confidence in CrowdStrike was naturally shaken.â
Delta is also claiming that CrowdStrike did not proactively offer onsite assistance. Instead, the carrier said CrowdStrike referred it to a website that suggested to manually reboot every single affected machine. Â
CrowdStrike said Kurz called Delta board member David DeWalt four hours into the July 19 outage and the company’s chief security officer was in contact with their counterpart at Delta. CrowdStrike also said its teams and Delta’s “worked closely together within hours of the incident.” The cybersecurity firm added that it offered more assistance beyond the website.
“Delta continues to push a misleading narrative,” a CrowdStrike spokesperson said in a statement.
Boies said that when CrowdStrike offered an automated solution July 21, the company also introduced another bug that âprevented many machines from recovering without additional intervention.â
Delta Says It’s More Reliant on Microsoft and CrowdStrike
Deltaâs lawyer said the carrierâs longer recovery time was due to the fact that itâs more reliant on CrowdStrike and Microsoft than other airlines. Around 60% of Deltaâs âmission-criticalâ applications, including back-ups, rely on CrowdStrike and Microsoft, the letter said.
âDeltaâs reliance on CrowdStrike and Microsoft actually exacerbated its experience in the CrowdStrike-caused disaster,â the letter read.
Another issue for Delta during the meltdown was that it couldnât get in touch with crew members. Delta previously said its crew scheduling systems needed a longer time to synchronize. Boiesâ letter said CrowdStrikeâs July 19 software update caused such a significant backlog in Deltaâs crew scheduling systems that it needed human intervention to be resolved.Â
See CrowdStrike’s full statement below:
“Delta continues to push a misleading narrative. CrowdStrike CEO George Kurtz called Delta board member David DeWalt within four hours of the incident on July 19th. CrowdStrikeâs Chief Security Officer was in direct contact with Deltaâs CISO within hours of the incident, providing information and offering support. CrowdStrikeâs and Deltaâs teams worked closely together within hours of the incident, with CrowdStrike providing technical support beyond what was available on the website. This level of customer support led Delta board member David DeWalt to publicly state on LinkedIn [linkedin.com]: âGeorge and his team have done an incredible job, working through the night in difficult circumstances to deliver a fix. It is a huge credit to the Crowdstrike team and their leadership that many woke up to a fix already available.”
Airlines Sector Stock Index Performance Year-to-Date
What am I looking at? The performance of airline sector stocks within the ST200. The index includes companies publicly traded across global markets including network carriers, low-cost carriers, and other related companies.
The Skift Travel 200 (ST200) combines the financial performance of nearly 200 travel companies worth more than a trillion dollars into a single number. See more airlines sector financial performance.
Read the full methodology behind the Skift Travel 200.
