Delta Air Lines faced a massive outage last month, leading to thousands of flight cancellations that cost the company an estimated $500 million in losses. Despite the severity of the situation, Delta CEO Ed Bastian revealed that the airline had rejected onsite help from CrowdStrike, a cybersecurity company. This decision could have potentially prevented or mitigated the impact of the outage, yet Delta chose to handle the situation independently.
CrowdStrike’s lawyer, Michael Carlinsky, highlighted in a letter to Delta’s lawyer, David Boies, that the airline’s litigation threats created a misleading narrative. He mentioned that CrowdStrike’s CEO, George Kurtz, reached out to Bastian to offer onsite assistance, but received no response from Delta. This lack of communication and refusal of help from cybersecurity experts raise questions about Delta’s IT decisions and response capabilities.
The outage, caused by a botched software update, resulted in the cancellation of more than 5,000 flights, surpassing those of Delta’s rivals. CrowdStrike shares plummeted by 36%, reflecting the negative impact of the outage on the company’s reputation and financial performance. The incident affected various industries, from banking to healthcare to air travel, emphasizing the need for robust cybersecurity measures in today’s digital age.
With Delta planning to pursue legal claims to recover its losses, CrowdStrike emphasized that the airline would have to justify its actions to the public, shareholders, and possibly a jury. Carlinsky’s letter mentioned that Delta would need to provide a series of documents related to its IT infrastructure, business continuity plans, and past outage management. CrowdStrike’s contractual liability is limited, indicating potential complexities in the legal battle between the two companies.
Despite the challenges and disputes, CrowdStrike expressed its willingness to cooperatively find a resolution with Delta. The cybersecurity company vowed to release future software updates in stages to prevent similar incidents, as indicated in a post-incident report. Additionally, CrowdStrike shareholders filed a lawsuit against the company, seeking compensation for investment declines in response to the outage. The upcoming fiscal second-quarter results will shed light on CrowdStrike’s financial performance amidst the aftermath of the cybersecurity incident.
The Delta Air Lines cybersecurity outage sheds light on the importance of effective communication, collaboration, and crisis management in the face of cyber threats. The rejection of onsite assistance from cybersecurity experts reflects a potential oversight in Delta’s IT decision-making process. Moving forward, both Delta and CrowdStrike should prioritize cybersecurity preparedness to prevent future incidents and protect their stakeholders’ interests.
Leave a Reply