PYMNTS Intelligence Banner June 2024

Delta Reportedly Facing $500 Million Loss From CrowdStrike Outage

Delta Air Lines is reportedly facing a half-billion dollar hit after last week’s IT outage.

The air carrier on Wednesday (July 24) was still recovering from last week’s incident, in which a software glitch at cybersecurity firm CrowdStrike brought down millions of computers running Microsoft Windows.

According to Bloomberg News, analysts at Citigroup lowered estimates for Delta’s third-quarter adjusted earnings by 60 cents a share in a new report to $1.37, citing “operational expenses and potential customer compensation costs” after the outage. In addition, analyst Stephen Trent also reduced two profit metrics by about $500 million each.

Bloomberg notes that Delta had impacted more by the outage compared to other airlines, which had its systems online during the weekend. Delta, which had canceled more than 5,400 flights due to the outage, said it plans to have operations back to normal by Thursday (July 25).

The report also cites a note from Conor Cunningham of Melius Research, who estimated a $350 million impact to operating profit plus a possible fine from the Department of Transportation, which is investigating Delta’s handling of the outage.

“What is more uncertain is the reputational damage Delta’s image may take given the operational issue,” Cunningham wrote. “It is certainly plausible that forward bookings are impacted.”

CrowdStrike on Wednesday issued a report outlining the circumstances behind the outage last Friday (July 19), which resulted in chaos at not just airports but banks, hospitals and other entities as well.

“CrowdStrike delivers security content configuration updates to our sensors in two ways: Sensor Content that is shipped with our sensor directly, and Rapid Response Content that is designed to respond to the changing threat landscape at operational speed,” the report said. “The issue on Friday involved a Rapid Response Content update with an undetected error.”

The report also discusses how CrowdStrike plans to prevent the future outages, such as implementing “a staggered deployment strategy for Rapid Response Content in which updates are gradually deployed to larger portions of the sensor base,” while also giving its clients greater control over the delivery of these updates, letting them pick when/where they are deployed.

As PYMNTS wrote last week, the incident has shone a spotlight on software updates. In an interview here on the day of the outage, CompoSecure/Arculus Chief Product and Innovation Officer Adam Lowe noted that when a software update fails, companies tend to have contingency plans.

“But issues with essential security software like CrowdStrike can quickly escalate, and disruptions to core functions, especially at the Windows startup level, can be difficult to correct,” PYMNTS wrote.