This story was updated at 7:50 p.m. Thursday with comments from Frontier Airlines CEO Barry Biffle.
Both Delta Air Lines and Frontier voiced their commitments to seek remuneration from CrowdStrike and Microsoft for the July 19th breakdown in air traffic.
Delta said in a filing on Thursday that it lost about $550 million due to the incident, including a $380 decline in revenue and a $170 million expense. Also, Delta’s attorney wrote a letter to CrowdStrike’s attorney saying that its offers to assist were both delayed and without value.
CrowdStrike, a cyber security company, responded on Thursday, saying that “Delta continues to push a misleading narrative.” It said it moved quickly to assist Delta.
Meanwhile, on the Frontier earnings call on Thursday, CEO Barry Biffle said the carrier lost $20 million in July due to technology outages. The day before the CrowdStrike mishap, he said, a Microsoft outage impacted sales from 4 p.m. on and several hundred flights were cancelled. Of the $20 million, “We’re still sorting out which part went to each,” he said. When an analyst asked whether Frontier will seek restitution, he said, “We don’t discuss those types of things yet, but you will expect we will look to recover every penny.”
A CrowdStrike spokesperson said, “We have not received any outreach from Frontier Airlines, and they are not a CrowdStrike customer.”
In response, Biffle said in an interview that the carrier has significant interaction with CrowdStrike through third parties. He provided four examples: Frontier could not check in passengers because reservations provider Navitaire uses Crowdstrike. Frontier uses Delta to move parts and Delta suspended cargo delivery. Companies that provide parts to Frontier could not get into their inventories. Also, some employee entrance keypads at airports could not operate.
“I don’t think CrowdStrike understands the scope of all the businesses they have as customers and the customers of those businesses, because we were impacted in multiple ways,” Biffle said. “ I don’t think they have an appreciation for what their customers do.”
In the letter to the attorney for CrowdStrike, Delta attorney David Boies said the impact on the carrier from CrowdStrike’s faulty content update shut down more than 37,000 computers and disrupted travel for more than 1.3 million Delta customers. The carrier canceled about 5,500 flights.
Earlier this week, Boies received letters from attorneys representing Microsoft and CrowdStrike. Both letters said the companies offered to help Delta and were turned away, and told Delta to back off charges that the companies were responsible for the cancellations. Delta CEO Ed Bastian has put the price tag for cancellations and related costs at $500 million.
Boies wrote that as Delta employees worked to recover from the damage, “Their efforts were hindered by CrowdStrike’s failure to promptly provide an automatic solution or the information needed to facilitate those efforts.
“CrowdStrike’s offers of assistance during the first 65 hours of the outage simply referred Delta to CrowdStrike’s publicly available remediation website, which instructed Delta to manually reboot every single affected machine,” Boies said. Later “CrowdStrike CEO George Kurtz’ single offer of support to Ed Bastian on the evening of Monday, July 22, was unhelpful and untimely. When made—almost four days after the CrowdStrike disaster began—Delta had already restored its critical systems and most other machines.”
Boies said Delta relied heavily on CrowdStrike and Microsoft. “Approximately 60% of Delta’s mission-critical applications and their associated data—including Delta’s redundant backup systems—depend on the Microsoft Windows operating system and CrowdStrike.” One result was dislocation of thousands of crew members from their scheduled assignment, he said.
In its statement, CrowdStrike had a different version of events. It said that Kurtz called a Delta board member and its CISO within hours of the incident, “providing information and offering support. CrowdStrike’s and Delta’s teams worked closely together within hours of the incident, with CrowdStrike providing technical support beyond what was available on the website,” it said.