The funding — from Silicon Valley Bank (SVB) and Hercules Capital — will help Thumbtack access new capital and liquidity, the company said in a Wednesday (July 30) news release. 

“We are one of the fastest growing players in the enormous home services industry, which remains less than 10% online,” said Larry Roseman, Thumbtack’s finance chief.

“And there is even more opportunity ahead as we fundamentally change how people manage their homes. This financing with our long-term partners at SVB and Hercules strengthens our balance sheet for the next chapter as we become the go-to partner for homeowners all across the U.S.”

Earlier this year, Thumbtack debuted its comprehensive home management app, which — as PYMNTS wrote — highlights the growing trend of consumers turning to digital tools for tackle do-it-yourself projects and home improvements.

Pointing to data that nearly 70% of homeowners admit to putting off essential home projects due to feeling overwhelmed, the company stressed that the app provides guidance on what projects to prioritize, when to tackle them and who to hire.

“Two things are true about today’s homeowners: they plan to stay and invest in their homes for decades, yet they delay essential upkeep and value-add improvements because they don’t know where to start,” said Marco Zappacosta, co-founder and CEO of Thumbtack.

“This digitally native generation wants to manage their homes the way they run the rest of their lives — on their phones. Our all-in-one app brings the support and peace of mind homeowners need.” 

Beyond the individual features and functionalities “lies a broader trend reshaping the way consumers interact with their living spaces,” PYMNTS wrote, as the proliferation of smart home devices has ushered in a more interconnected home ecosystem. 

PYMNTS Intelligence research shows the average consumer now owns six such devices, with millennials and bridge millennials leading the way with an average of seven devices each. 

“The study also highlighted a consistent rise in the adoption of smart home devices and connected appliances,” PYMNTS wrote.

“For instance, ownership of smart refrigerators rose from 5% in 2019 to 9% in 2023, while connected thermostat ownership climbed from 10% to 15% during the same period. These figures underscore the increasing reliance on smart technologies to streamline household tasks and enhance overall living experiences.”

The post Thumbtack Raises $75 Million to Improve Home Improvement App appeared first on PYMNTS.com.

That’s according to a report Wednesday (July 31) from Bloomberg News, citing a statement from the airline that also says Delta has hired a law firm as it prepares to seek damages from the outage, which canceled thousands of flights earlier this month.

The $500 million figure is in keeping with Wall Street analysts’ estimates from last week, when Delta was still dealing with stranded passengers and the beginnings of a Department of Transportation investigation into its handling of the incident.

The trouble began with a glitch in a software update by cybersecurity firm CrowdStrike, leading to widespread outages of Microsoft’s Windows systems around the world, including at several major corporations, leading to chaos at not only airports but banks and hospitals as well.

As Bloomberg notes, many airlines were able to get back online relatively quickly, while Delta was still dealing with cancellations into the following week.

According to the report, the company’s extended recovery was due to the fact that the outage impacted an in-house system that processes changes to flights and their crews, which left Delta unable to properly align its crews and its planes.

PYMNTS examined the aftermath of the CrowdStrike outage – and other recent cybersecurity incidents – last week in a conversation with CompoSecure/Arculus Chief Product and Innovation Officer Adam Lowe.

He noted that when a software update fails, companies typically have contingency plans. But problems with essential security software like CrowdStrike can rapidly escalate, and disruptions to core functions, particularly at the Windows startup level, can be difficult to fix.

“Crises can also catalyze a shift in organizational culture, heightening awareness of cybersecurity issues and encouraging proactive behaviors among employees,” that report noted. “And proactive, hyper-aware behavior is crucial in today’s operating landscape where threat actors can move in real-time to activate new vulnerabilities and manipulate unsuspecting end-users.”

For example, cybercriminals have already tried to capitalize on the CrowdStrike outage by creating fake, malware-infected recovery manuals.

“CrowdStrike Intelligence identified a Word document containing macros that download an unidentified stealer now tracked as Daolpu,” the company warned on its blog. “The document impersonates a Microsoft recovery manual. Initial analysis suggests the activity is likely criminal.”

The post Delta Plans Legal Action Amid $500 Million Hit From CrowdStrike Outage appeared first on PYMNTS.com.

Coursera shares leaped 49%, leading the Work segment 2.7% higher.

The earnings results showed the company surpassed more than 2 million enrollments in its generative AI catalog. Total revenue was $170.3 million, up 11% from $153.7 million a year ago. Consumer revenue was $97.3 million, up 12% year over year, driven in part by generative AI credentials.

Enterprise revenue was $58.7 million, up 8% from a year ago. The company said that the total number of paid enterprise customers increased to 1,511, up 17% from a year ago.

Ocado Gains

Ocado shares rose by 17.6%. During the company’s most recent earnings report, Ocado CEO Tim Steiner said his company is benefiting from a resumption in online grocery buying. The company’s half-year report released earlier in the month noted that group revenues were up 13% to £1.5 billion, while technology solutions revenues gained 22%, and Ocado retail sales gathered 11%.

Elsewhere, and as reported by Reuters, U.S. partner Kroger has placed an order for Ocado’s On-Grid Robotic Pick (OGRP) and Automated Frameload (AFL), to be used in multiple warehouses.

Visa Spotlights Contactless Payments

Visa shares gathered 4.5% in the Pay and Be Paid segment, which lost 2.2% overall. As reported this past week, contactless payments were a key highlight in the company’s earnings call last week.

CEO Ryan McInerney said on the conference call with analysts that tap to pay grew 4 percentage points from last year to 80% of face-to-face transactions globally, excluding the U.S. More than 55 countries have seen more than 90% contactless penetration, he said, in response to analysts’ questions. In the U.S., tap to pay has been tied to more than 50% of in-person commerce transactions, and 30 cities have seen more than 60% penetration.

The company passed the 10 billion token mark this quarter, according to the CEO’s commentary, and the tokens helped generate an estimated $40 billion in incremental eCommerce revenue and prevented an estimated $600 million in fraud.

Revenues from new payment flows, he said, grew by 18% year over year. Visa Direct transactions grew by 41% over the same time.

In the U.S., payments volumes were 4% higher, with debit up 4% and credit up 3% year over year.

CrowdStrike Continues Slide

CrowdStrike continued to decline, down about 17%. In a report released by the company, CrowdStrike says a glitch in test software led to last week’s massive IT outage.

The report also outlines what CrowdStrike aims to do to prevent the problem from recurring, such as implementing “a staggered deployment strategy for Rapid Response Content in which updates are gradually deployed to larger portions of the sensor base,” while also giving customers more control over the delivery of these updates, letting them choose when and where they are deployed.

Block shares lost 11.6%. The company said this week in a posting that it will shutter Cash App UK in mid-September.

“In recent months, we have outlined our strategic approach for Cash App, which prioritizes our focus on the United States, and deprioritizes global expansion. All of our operations remain unaffected by this decision,” as noted in the posting.

The post CE 100 Index Gains 0.4% as Coursera Jumps on Earnings appeared first on PYMNTS.com.

And when it comes to cybersecurity best practices and procedures, recent digital disruptions — from CrowdStrike’s Microsoft outage to AT&T and beyond — can teach enterprises a lot about fortifying their defenses and recovery plans.

After all, it was just Monday (July 22) that the Federal Communications Commission (FCC) released its report criticizing AT&T’s role and response in a February outage that blocked 92 million calls, including over 25,000 attempts to reach 911.

It ultimately took over 12 hours for AT&T to fully restore service. The outage affected all 50 states as well as Washington, D.C., and other domestic territories like Puerto Rico and the U.S. Virgin Islands. It was caused by a botched update related to a network expansion.

Sound familiar? A software update was what led to the CrowdStrike crash last Friday (July 19) which affected 8.5 million Windows machines around the world, leading to chaos at banks, airports and hospitals.

That’s why, in today’s interconnected world, where digital disruptions are, unfortunately, increasingly common, the ability to learn from and adapt to these challenges is crucial for long-term business success.

Read more: CrowdStrike Outage Rolls On; Attention Turns to Software Update Quality Control

Embracing Best Practices Derived From Recent Incidents

Per the FCC’s report on AT&T’s February outage — and not its July cyberattack — factors behind the “extensive scope and duration” of the outage included “a configuration error, a lack of adherence to AT&T Mobility’s internal procedures, a lack of peer review, a failure to adequately test after installation, inadequate laboratory testing, insufficient safeguards and controls to ensure approval of changes affecting the core network, a lack of controls to mitigate the effects of the outage once it began, and a variety of system issues that prolonged the outage once the configuration error had been remedied.”

In other words, a cascading failure to follow proper procedures across key workflows.

While the immediate cause of the outage was an employee who misconfigured a lone network element, adequate peer review should have prevented the change from being approved, the FCC emphasized.

In an interview with PYMNTS Friday, CompoSecure/Arculus Chief Product and Innovation Officer Adam Lowe noted that when a software update fails, companies usually have contingency plans. But issues with essential security software like CrowdStrike can quickly escalate, and disruptions to core functions, especially at the Windows startup level, can be difficult to correct.

Post-incident reviews and analyses help refine incident response plans, making future responses more efficient and effective. This continuous improvement process is vital for maintaining a strong security posture.

See also: Businesses Scramble for Backup After CrowdStrike Update Hobbles IT Networks

Crises can also catalyze a shift in organizational culture, heightening awareness of cybersecurity issues and encouraging proactive behaviors among employees.

And proactive, hyper-aware behavior is crucial in today’s operating landscape where threat actors can move in real-time to activate new vulnerabilities and manipulate unsuspecting end-users.

As just one example, cybercriminals have already jumped on the CrowdStrike outage by developing fake, malware-infected recovery manuals.

According to a Monday blog post by CrowdStrike, “CrowdStrike Intelligence identified a Word document containing macros that download an unidentified stealer now tracked as Daolpu. The document impersonates a Microsoft recovery manual. Initial analysis suggests the activity is likely criminal.”

CrowdStrike Intelligence has also monitored other malicious activity leveraging the event as a lure theme, with the company saying it had received reports that threat actors are conducting activities such as sending phishing emails posing as CrowdStrike support to customers; impersonating CrowdStrike staff in phone calls; posing as independent researchers, claiming to have evidence the technical issue is linked to a cyberattack and offering remediation insights; as well as selling scripts purporting to automate recovery from the content update issue.

At the same time, there has been a surge in “typosquatting domains” now being registered to exploit the CrowdStrike outage. Typosquatting is when bad actors set up domain names that appear to be legitimate in order to lure genuine users but have small typos and lead to malicious cyber infections.

For example, some domains already flagged as malicious include crowdstrikefix[.]com; crowdstrike-helpdesk[.]com; and crowdstrikebsod[.]com.

That’s why employee training should cover best practices for password management, recognizing phishing attempts and reporting suspicious activities.

The post Crisis as Catalyst: What AT&T, CrowdStrike Incidents Say About Recovery Best Practices appeared first on PYMNTS.com.

The air carrier on Wednesday (July 24) was still recovering from last week’s incident, in which a software glitch at cybersecurity firm CrowdStrike brought down millions of computers running Microsoft Windows.

According to Bloomberg News, analysts at Citigroup lowered estimates for Delta’s third-quarter adjusted earnings by 60 cents a share in a new report to $1.37, citing “operational expenses and potential customer compensation costs” after the outage. In addition, analyst Stephen Trent also reduced two profit metrics by about $500 million each.

Bloomberg notes that Delta had impacted more by the outage compared to other airlines, which had its systems online during the weekend. Delta, which had canceled more than 5,400 flights due to the outage, said it plans to have operations back to normal by Thursday (July 25).

The report also cites a note from Conor Cunningham of Melius Research, who estimated a $350 million impact to operating profit plus a possible fine from the Department of Transportation, which is investigating Delta’s handling of the outage.

“What is more uncertain is the reputational damage Delta’s image may take given the operational issue,” Cunningham wrote. “It is certainly plausible that forward bookings are impacted.”

CrowdStrike on Wednesday issued a report outlining the circumstances behind the outage last Friday (July 19), which resulted in chaos at not just airports but banks, hospitals and other entities as well.

“CrowdStrike delivers security content configuration updates to our sensors in two ways: Sensor Content that is shipped with our sensor directly, and Rapid Response Content that is designed to respond to the changing threat landscape at operational speed,” the report said. “The issue on Friday involved a Rapid Response Content update with an undetected error.”

The report also discusses how CrowdStrike plans to prevent the future outages, such as implementing “a staggered deployment strategy for Rapid Response Content in which updates are gradually deployed to larger portions of the sensor base,” while also giving its clients greater control over the delivery of these updates, letting them pick when/where they are deployed.

As PYMNTS wrote last week, the incident has shone a spotlight on software updates. In an interview here on the day of the outage, CompoSecure/Arculus Chief Product and Innovation Officer Adam Lowe noted that when a software update fails, companies tend to have contingency plans.

“But issues with essential security software like CrowdStrike can quickly escalate, and disruptions to core functions, especially at the Windows startup level, can be difficult to correct,” PYMNTS wrote.

The post Delta Reportedly Facing $500 Million Loss From CrowdStrike Outage appeared first on PYMNTS.com.

The cybersecurity company released a report Wednesday (July 24), five days after a crash affected 8.5 million Windows machines around the world, leading to chaos at banks, airports and hospitals.

“CrowdStrike delivers security content configuration updates to our sensors in two ways: Sensor Content that is shipped with our sensor directly, and Rapid Response Content that is designed to respond to the changing threat landscape at operational speed,” the report said. “The issue on Friday involved a Rapid Response Content update with an undetected error.”

The report also outlines what CrowdStrike aims to do to prevent the problem from recurring, such as implementing “a staggered deployment strategy for Rapid Response Content in which updates are gradually deployed to larger portions of the sensor base,” while also giving customers more control over the delivery of these updates, letting them choose when and where they are deployed.

As PYMNTS wrote last week, the incident has shone a spotlight on software updates. In an interview here Friday (July 19), CompoSecure/Arculus Chief Product and Innovation Officer Adam Lowe noted that when a software update fails, companies usually have contingency plans.

But issues with essential security software like CrowdStrike can quickly escalate, and disruptions to core functions, especially at the Windows startup level, can be difficult to correct.

“In such cases, it may necessitate a complete system reinstallation from a prior backup, akin to wiping a hard drive and starting anew,” that report said. “This process is both complex and time-consuming, especially for systems that are locked out at startup, leaving limited options for a swift resolution.”

Meanwhile, PYMNTS discussed the crash earlier this week with Finexio CEO Ernest Rolfson, who stressed the importance of quality control in software updates.

Rolfson said he was taken aback by the timing of a recent software update from a Finexio partner, rolled out in the morning and during the workweek.

“Typically, updates are scheduled after hours or on weekends to minimize disruptions, given the fact that best practices suggest staggering the release to avoid widespread issues if problems arise,” PYMNTS wrote.

Meanwhile, the fallout from the outage continues, with the Department of Transportation launching an investigation into Delta Air Lines’ handling of the incident, and two members of the House Homeland Security Committee calling on CrowdStrike’s CEO to testify about the crash.

The post CrowdStrike: Content Update Glitch Caused Worldwide IT Crash appeared first on PYMNTS.com.

Alan Estevez, the department’s export controls chief, announced last week that the rules will target components responsible for managing vehicle software and data, requiring them to originate from allied countries.

This regulatory initiative follows Commerce Secretary Gina Raimondo’s May announcement of forthcoming rules specifically addressing Chinese-linked vehicles, to be published later this year. Raimondo indicated that the Biden administration could take drastic measures, such as banning Chinese-connected vehicles or imposing restrictions, following a probe initiated in February into potential national security risks posed by Chinese vehicle imports.

Estevez’s remarks at a forum in Colorado represent the clearest indication to date of the administration’s stance on Chinese vehicles, which have raised significant concerns. He underscored the seriousness of the cybersecurity threat, noting that modern vehicles, equipped with sophisticated software and network infrastructure, gather extensive user data, posing vulnerabilities to security breaches.

Connecting the Data

Connected vehicles, equipped with integrated network hardware enabling internet connectivity, have the capability to exchange data with both internal and external devices. Estevez emphasized these risks, stating, “A car is formidable. Your vehicle gathers a wealth of information about you, from software updates to driving habits, connectivity to personal devices and location tracking.”

In response to potential U.S. actions, the Chinese foreign ministry urged adherence to market economy laws and fair competition principles, asserting the global popularity of Chinese cars driven by technological innovation and robust market competition.

In her May remarks, Raimondo warned of potential catastrophic consequences if software in millions of connected vehicles were compromised. Despite relatively low imports of Chinese-made light-duty vehicles, the Biden administration has proposed substantial tariff hikes on Chinese electric vehicles and other goods, set to be implemented by Aug. 1.

The Connected Car Economy

Looking forward, the Automotive Edge Computing Consortium (AECC) forecasts that by 2025, global connected vehicle numbers will reach approximately 100 million, with data transmissions between vehicles and the cloud totaling about 10 exabytes per month — equivalent to 10 billion gigabytes.

According to a 2021 white paper titled, “Distributed Computing in an AECC System,” the AECC outlined best practices for distributed computing to manage the substantial data volumes associated with connected vehicles. Notable members of the AECC board include Toyota, Intel, Ericsson, Denso, Samsung, Dell-EMC, Nippon Telegraph and Telephone (NTT) and KDDI Research.

The report emphasized the unique challenges posed by connected vehicles.

“For connected vehicles, the amount of uploaded data is massive, concentrated (in time and location) and often time sensitive,” the report said.

In contrast to conventional consumer mobility services, which predominantly involve data flowing from providers to consumers, connected vehicles primarily transmit data to service providers. This operational dynamic underscores the critical need for distributed computing capabilities within AECC systems to uphold optimal service standards, particularly those intricately tied to vehicle functionalities, per the report.

Data Privacy

Privacy has always been a key issue as the topic of connected vehicles picks up steam.

Revelations in a New York Times report highlight a troubling reality for drivers: detailed records of every trip, including speed and abrupt braking, are meticulously logged by data brokers.

This insight into the thorough monitoring of driving behavior highlights a broader concern among consumers about the privacy of their data in the era of connected cars.

These internet-enabled vehicles, equipped with advanced features such as GPS navigation systems, cameras and sensors, heavily rely on the collection and transmission of extensive data.

While this data access has undeniably enhanced overall driving experiences — improving safety, traffic management, payment efficiency and offering personalized entertainment options — the practice of automakers sharing driving data with third parties, particularly insurance companies, has sparked heated debate.

Advocates, such as data brokers like LexisNexis, argue that personalized insurance premiums based on driving behavior could incentivize safer practices and potentially lower rates. Critics, however, have voiced concerns about potential data misuse and exploitation.

The post Commerce Department to Release Rules on Connected Vehicles appeared first on PYMNTS.com.

Assuming it gets the license and regulatory approval it needs, DraftKings would make the nation’s capital its 29th North American market, the company said in a Tuesday (July 23) press release. The launch is part of a partnership with D.C. United, the district’s professional men’s soccer team.

“It has been incredible to see legalized sports betting grow rapidly over the past six years, and with plans to launch our online sportsbook in D.C., DraftKings looks forward to expanding its presence in more than half the country,” Matt Kalish, president of DraftKings North America, said in the release.

The release notes that D.C. is home to a number of professional sports teams, with fans soon able to access a range of betting markets and offerings like same-game parlays, in-game betting and special odds boosts.

“With the D.C. Council’s recent decision to expand the world of sports betting in D.C., we look forward to working with DraftKings to introduce their online sportsbook as another way for D.C. residents to bet in the city,” said Danita Johnson, president of business operations for D.C. United. “Our goal is to always make every fan experience seamless, and this platform will help us to deliver on that promise.”

The news release closes with a lengthy statement on DraftKings’ commitment to combating problem gambling. The company and six of America’s other largest sportsbook companies launched a trade group in March aimed at dealing with the issue.

The Responsible Online Gaming Association (ROGA) hopes to come up with resources to aid in responsible gaming education and awareness.

The launch of that association comes amid a surge in sports betting across the U.S., with 38 states and the District of Columbia letting residents place wagers on professional sports.

Meanwhile, research by PYMNTS Intelligence finds that most online sports betting fans prefer instant disbursements, though few have access to them.

According to that report, 79% of gamblers opted for instant digital disbursements when offered them, while 76% who did not have the option to receive instant payouts would have chosen instant if offered. In all, a little less than half of gamers have access to real-time disbursements.

The post DraftKings Bringing Online Sportsbook to Washington DC appeared first on PYMNTS.com.

It’s not over

Financial institutions were temporarily hit Friday and the outage that stemmed from CrowdStrike and spread to Windows systems went deep and wide. According to DownDetector’s reading on Friday, several banks and other financial institutions were affected, but not as badly as the medical and airlines sectors. The effect on airline scheduling has been well-documented, and Wired magazine reported that several hospitals in the U.K., Australia and Israel were affected. Banks that were temporarily affected included Wells Fargo, Charles Schwab and TD Bank. While most systems are now up and running, the fix for the CrowdStrike outage is manual and will take some time.

As CrowdStrike CEO George Kurtz told NBC: “Some of the systems that aren’t recovering, we’re working with them, so it could be some time for some systems that just automatically won’t recover, but it is our mission to make sure that every customer is fully recovered and we’re not going to relent until we get every customer back to where they were and we’ll continue to protect them and keep the bad guys out of their systems.”

Be prepared for fraudster reactions

Kurtz warned CrowdStrike clients that bad actors will try and capitalize on the vulnerability exposed during the outage. According to security software provider McAfee, opportunistic scammers are seizing the moment to exploit vulnerabilities. McAfee reports a surge in fraudulent schemes, with cybercriminals employing a variety of tactics to deceive consumers. These scams span from phishing attacks disguised as flight rescheduling notices to fraudsters impersonating banks to steal login credentials. Even retailers requesting alternate payment methods have been implicated in these deceptive practices.

“As the digital landscape becomes increasingly interconnected, the importance of maintaining rigorous cybersecurity measures cannot be overstated,” a McAfee blog stated. “Consumers and organizations alike must stay vigilant, enhance their security protocols, and remain proactive in safeguarding their personal and operational data against such threats. This incident serves as a stark reminder of the cascading effects that a single point of failure can have in our globally networked environment.”

CrowdStrike and Microsoft have responded

Crisis management was in full effect over the weekend at both Microsoft and CrowdStrike. Microsoft’s reaction, posted to its website, indicated that it was still working with its cloud service providers AWS and Google to determine the extent of the damage caused by the “blue screen of death” experienced by what it said was 8.5 million users on Friday.

“This incident demonstrates the interconnected nature of our broad ecosystem — global cloud providers, software platforms, security vendors and other software vendors, and customers,” Microsoft said. “It’s also a reminder of how important it is for all of us across the tech ecosystem to prioritize operating with safe deployment and disaster recovery using the mechanisms that exist. As we’ve seen over the last two days, we learn, recover and move forward most effectively when we collaborate and work together. We appreciate the cooperation and collaboration of our entire sector, and we will continue to update with learnings and next steps.”

There is a workaround

CrowdStrike has responded with a public relations blitz and a detailed tech workaround to reinstall systems for developers. In an update provided on Sunday (July 21) the company said the Falcon Sensor system, which failed during the outage, has been restored. “We assure our customers that CrowdStrike is operating normally and this issue does not affect our Falcon platform systems. If your systems are operating normally, there is no impact to their protection if the Falcon sensor is installed,” it said.

Software updates are under the microscope

As Adam Lowe, Ph.D., chief product and innovation officer at CompoSecure/Arculus with more than a decade of experience with software updates, told PYMNTS on Friday, when a software update falters, companies typically have contingency plans to reverse the changes. However, issues with essential security software like CrowdStrike can escalate dramatically. If an update disrupts core system functions, particularly at the Windows startup level, rectifying the problem can be daunting. In such cases, it may necessitate a complete system reinstallation from a prior backup, akin to wiping a hard drive and starting anew. This process is both complex and time-consuming, especially for systems that are locked out at startup, leaving limited options for a swift resolution.

And some finger-pointing has already started. Was CrowdStrike the victim of a poor testing environment?

“I am a Certified Healthcare CIO, so I have years of background working in this field,” wrote a commentator on the Krebs on Security blog. “There is a lot of friction between the ‘new’ generation of IT leaders and my generation of IT leaders. My generation has always focused much effort on testing and regression testing of code and patches, the result being longer patch cycles. New DevOps teams want to patch more often with less testing. Both approaches have their pros and cons. This is an example of the ‘old’ way of testing being more appropriate. In my world, if we had 10 variants of Windows Operating Systems (Windows 10, release xxxxxx, Windows 11, release xxxxxx), I would require 1000 tests to be run, 100 on each variant, before we released to PROD. In today’s DevOps world, it is common to minimize testing, and just fix ‘whatever breaks’ on the backend, after-the-fact. The reality is that we need to meet in the middle between these two processes and come up with something that prevents this from happening.”

The post CrowdStrike Aftermath: Five Things You Need to Know appeared first on PYMNTS.com.

Of course, CrowdStrike was the focus here, as its shares plunging nearly 18% on the week led the Work segment 1.5% lower.

Banks, airlines and nearly any and every business relying on a Microsoft Windows computer system found themselves grappling with a massive disruption, PYMNTS reported.

As of late afternoon Friday, what was being called “the worst IT outage in history” was still rippling through various systems. The outage was tied to a software update issued by security firm CrowdStrike that inadvertently took down Microsoft’s systems. CrowdStrike software is used by over half of Fortune 500 companies.

Domino’s slid roughly the same amount during the week, by about 17%, and the Eat pillar was down 2.7% through the week.

As reported during the company’s most recent earnings, CEO Russell Weiner shared that loyalty reward redemptions for pickup orders have skyrocketed since the brand refreshed its program last fall.

“Consumer spending [is] slow, but let’s think about what’s happened with that as a backdrop. We’ve grown orders in our delivery business, our carryout business, every income cohort,” Weiner said. “We’ve grown order count in international. [That’s] what’s going on in an economy where folks are maybe struggling to decide what to buy.”  U.S. same-store sales growth came in at 4.8%. Analysts expected growth of 4.9%, as reported by The Wall Street Journal.

These losses were more than enough to offset the 2% rally in the Bank sector.

Banks Weigh in on Consumer Spending

Goldman Sachs shares were 3.8% higher. Drilling down into the data, the company’s credit card balances, up 11% year over year to $19 billion, remain somewhat even with the first quarter, while management said on the conference call with analysts that they were “pleased” with the card performance.

Charge-offs of 8.4% for consumer loans have been consistent with recent quarters. The overall provision for credit losses in the quarter stood at $395 million, down 27% year over year, reflecting the card business (the wholesale loan charge-offs, according to the data, stand at 0%).

Within its platform solutions segment, consumer platforms delivered 4% growth to $599 million in revenues, which reflected higher average credit card balances, though results were offset by the GreenSky transaction.

American Express pushed ahead with a 5% gain this week, but the Pay and Be Pay segment slipped 1.3%. American Express earnings released on Friday indicated that consumers continue to spend on experiences — particularly dining out — and that momentum belongs to the younger generations who are using their cards more often.

Spending by millennial and Gen Z customers was up 13% year over year, management said.

CFO Christophe Le Caillec said on the conference call with analysts that spending growth was visible across several categories. Spending on goods and services was 6% higher, and travel and entertainment-related spending grew 7%.

“We did see some slower growth in certain [travel and entertainment] categories versus the prior quarter, especially in airline and lodging,” he said. But spending at restaurants, he said, “remained strong.”

As for using the cards more often, the company’s transaction growth was 9% higher in the June quarter vs. last year.

BNPL providers such as Sezzle rocketed ahead by 66%. As reported this past week by PYMNTS, Sezzle has added Spanish language capability to its buy now, pay later (BNPL) app and checkout. This capability is meant to appeal to the 40 million Americans who speak Spanish, the company said in a Tuesday release.

Affirm shares lost nearly 10%.

In general news tied to the BNPL space, the Consumer Financial Protection Bureau’s (CFPB) rule classifying BNPL as credit card providers takes effect July 30, meaning these firms must provide legal protections and rights delivered by conventional credit cards.

A letter this week from the American FinTech Council (which, among other enterprises, represents BNPL providers) to Rohit Chopra, director of the CFPB, asked that the rule become effective next year, not this month.

In the letter, the Council argued that “given the complexity and variation in business models, lender practices, and partnerships with merchants, as well as differences in the levels of preexisting compliance with the provisions enumerated in the Interpretive Rule by BNPL lenders, it seems prudent to adopt an extended compliance period. Therefore, AFC recommends extending the effective date of the Interpretive Rule from its current date of July 30, 2024, to January 1, 2025.”

The post CE 100 Index Falters 0.8% as CrowdStrike Plunges on Global IT Outage appeared first on PYMNTS.com.