CrowdStrike fired back at Delta after the airline’s CEO lashed out at the cybersecurity firm for computer problems that he said cost Delta $500 million. CrowdStrike claimed Delta would have to explain its own IT shortcomings in any litigation, and that it ignored CrowdStrike’s offers of assistance.
In a letter from CrowdStrike’s legal counsel to Delta’s legal counsel on Sunday, the cybersecurity firm said it was “highly disappointed by Delta’s suggestion that CrowdStrike acted inappropriately and strongly rejects any allegation that it was grossly negligent or committed willful misconduct.”
CrowdStrike CEO George Kurtz offered online assistance personally to Delta CEO Ed Bastian but received no response, the letter said, adding that Delta later told CrowdStrike no help was needed during the airline’s nearly weeklong service outage that canceled thousands of flights.
Delta’s public litigation threat “contributed to a misleading narrative that CrowdStrike is responsible for Delta’s IT decisions and response to the outage,” attorney Michael Carlinsky wrote in the letter, “Should Delta pursue this path, Delta will have to explain to the public, its shareholders, and ultimately a jury why CrowdStrike took responsibility for its actions—swiftly, transparently, and constructively—while Delta did not.”
CrowdStrike’s flawed software update caused widespread computer outages on July 19 at Delta and hundreds of other companies around the globe.
But last week, Bastian claimed CrowdStrike was nowhere to be found during the meltdown.
“They haven’t offered us anything. Free consulting advice to help us,” said the Delta CEO in an interview on CNBC.
“If you’re going to have priority access to the Delta ecosystem in terms of technology, you’ve got to test this stuff,” Bastian said. “You can’t come into a mission critical 24/7 operation and tell us we have a bug. It doesn’t work.”
CrowdStrike’s letter brought up criticisms other passengers had with Delta’s meltdown in July. It said Delta would have to explain why other airlines restored operations faster and why it turned down CrowdStrike’s onsite assistance. It also said Delta would have to explain “resiliency capabilities of Delta’s IT infrastructure.”
The computer problems at Delta knocked its crucial crew tracking system offline for the better part of a week, making it impossible for the company to find pilots and flight attendants it needed to fly its aircraft. While other airlines were quick to resume normal operations after the CrowdStrike outage, Delta was forced to cancel about 30% of its schedule over five days, leaving an estimated half-million passengers stranded. It took many days after that to re-book affected passengers on other flights and return their checked bags.
The cybersecurity company also said it was contractually capped at liabilities in the single millions.
CrowdStrike said that while litigation would be unfortunate, it is willing to fight back.
The letter was addressed to high-profile attorney David Boies, who CNN reported had been hired by Delta to pursue compensation from CrowdStrike as well as Microsoft, whose Windows operating system on Delta’s computers was disrupted by the software update.
“CrowdStrike will respond aggressively, if forced to do so, in order to protect its shareholders, employees, and other stakeholders,” the letter said.
Delta has yet to file the lawsuit. The airline did not have comment but directed inquiries to Bastian’s interview on CNBC.
“We have no choice,” Bastian previously told CNBC. “We have to protect our shareholders, we have to protect our customers (and) our employees for the damage, not just the cost but the reputational damage.”
CNN’s Chris Isidore contributed to this report.