Delta Escalates Legal Battle With CrowdStrike, Microsoft Amid $550M Loss From IT Outage

Delta Air Lines disclosed Thursday that the global IT outage in July cost the company $550 million, according to a regulatory filing. The airline said it is pursuing legal claims against CrowdStrike and Microsoft.

The airline also responded sharply to recent statements by the cybersecurity firm, as tensions continue to rise among Delta, CrowdStrike, and Microsoft over their respective roles in the massive tech failure.

The outage, which became one of the most significant technical disruptions in recent memory, led to a $380 million loss in revenue for Delta, CNN reported. The airline attributed this to the need for issuing refunds to passengers and compensating them with cash and SkyMiles.

Delta also spent $170 million on recovery efforts, including operational costs associated with helping passengers and crew members affected by over 7,000 flight cancellations during the five-day disruption.

The company's fuel expenses were estimated to be $50 million lower due to the cancellations.

In a letter issued by Delta's attorney David Boies, the airline expressed "surprise and disappointment" at CrowdStrike's "blame the victim" defense, which implied that Delta was partially responsible for the software failures that triggered the outage.

Delta criticized CrowdStrike's response to the incident, and said the cybersecurity firm's CEO, George Kurtz, only reached out to Delta CEO Ed Bastian nearly four days after the outage began, a delay the airline deemed "unhelpful and untimely."

"CrowdStrike's offers of assistance during the first 65 hours of the outage simply referred Delta to CrowdStrike's publicly available remediation website," Boies said.

The letter further revealed that CrowdStrike's attempt to provide an automated solution on Sunday, July 21, introduced a second bug, which complicated recovery efforts, and it required additional intervention to restore affected systems.

Delta's frustrations were also directed at CrowdStrike's apology for its role in the incident. Boies called the apology "vastly inadequate," especially given the company's alleged attempts to shift blame onto Delta.

CrowdStrike, however, defended its actions. A spokesperson for the company told Axios that CrowdStrike had been in direct contact with Delta's Chief Information Security Officer (CISO) within hours of the incident to offer support and technical assistance.

The spokesperson also cited a statement from Delta board member David DeWalt, who publicly praised CrowdStrike's efforts to resolve the issue.

Earlier this week, Microsoft had hit back at Delta, accusing the airline of not modernizing its technology before canceling flights following the IT outage.