The legal spars between Delta Air Lines and CrowdStrike are heating up, with the cybersecurity firm claiming that Delta’s extended IT outage was caused by poor disaster recovery plans and the airline refusing to accept free onsite help in restoring Windows devices.
After CrowdStrike pushed out a faulty update for its Falcon cybersecurity software, over 8.5 million Windows devices suddenly crashed and would no longer boot into the operating system.
To fix the issues, IT staff were required to manually remove the bad update from Windows devices, leading to extended IT outages for companies with thousands of devices.
Delta's outages lasted for five days as the company attempted to restore servers, leaving airline passengers stranded as thousands of flights were disrupted.
Last week, Delta Air Lines CEO Ed Bastian appeared on CNBC where he explained that the airline lost $500 million dollars due to the IT outages, stating that CrowdStrike offered nothing but "free consulting advice to help us."
Due to the massive revenue loss, Bastian said they had no choice but to sue CrowdStrike to protect their shareholders, customers, and employees.
"So anyway, we have to protect our shareholders. We have to protect our customers, our employees--for the damage, not just to the cost, but the brand, the reputational damage, and the physical challenge," Bastian said in an interview on CNBC's SquawkBox.
Delta hired litigator David Boies, who reportedly sent letters to CrowdStrike and Microsoft warning the companies to prepare for litigation around these outages.
CrowdStrike's counsel Michael Carlinsky responded Sunday, rejecting the claims that the cybersecurity firm "was grossly negligent or committed willful misconduct" in regards to the faulty update or is solely responsible for Delta's extended IT outage.
In the letter shared with BleepingComputer, the cybersecurity firm said they offered Delta free onsite assistance to help recover Windows devices and was ultimately told that it was not needed.
"Within hours of the incident, CrowdStrike reached out to Delta to offer assistance and ensure Delta was aware of an available remediation," reads the letter from CrowdStrike's counsel, Michael Carlinsky.
"Additionally, CrowdStrike's CEO personally reached out to Delta's CEO to offer onsite assistance, but received no response. CrowdStrike followed up with Delta on the offer for onsite support and was told that the onsite resources were not needed."
CrowdStrike also questioned why Delta's competitors, who faced similar challenges, could restore operations quicker, implicating that faulty procedures and infrastructure were partly responsible for the airline's lengthy outages.
The cybersecurity firm is now calling on Delta to "reconsider its approach".
However, in light of the legal threats, CrowdStrike is now asking Delta to preserve data, emails, and communications related to the Falcon incident to be used in potential discovery during a lawsuit.
When asked about CrowdStrike's letter, Delta referred us to Bastian's interview on CNBC.
CrowdStrike shared the following statement with BleepingComputer about the letter from its lawyers.
"The letter speaks for itself. We have expressed our regret and apologies to all of our customers for this incident and the disruption that resulted," CrowdStrike told BleepingComputer.
"Public posturing about potentially bringing a meritless lawsuit against CrowdStrike as a long-time partner is not constructive to any party. We hope that Delta will agree to work cooperatively to find a resolution."
CrowdStrike was recently sued by its investors in a class-action lawsuit claiming that the cybersecurity company knowingly made false statements about the quality of its products and procedures.
Comments
electrolite - 3 months ago
"The letter speaks for itself. We have expressed our regret and apologies to all of our customers for this incident and the disruption that resulted,"
That is all nice and dandy but you are still liable for gross negligence regardless of how poorly Delta's IT infrastructure is run. You don't just get to say sorry and get off the hook.
NetwkMgr - 3 months ago
Delta didn't prepare and deploy the faulty update. Crowdstrike did. After an incident like that, I too would be reluctant to allow anyone from their company to come anywhere near my infrastructure--no matter how good the intent was.
mhrtry - 3 months ago
Delta is also filing a lawsuit against Microsoft in addition to CrowdStrike. Per the New York Times, both CrowdStrike and Microsoft say the fault lies with Delta because the system that Delta uses for tracking and scheduling flight crews are maintained by IBM and other companies using outdated equipment. Delta refused help from Microsoft and CrowdStrike over a 5 day period.
CrowdStrike and Microsoft point out that other airlines had contingency plans that allowed them to recover quickly and get back on schedule within a couple of days, well before Delta could.