DOT Probes Delta’s Handling of CrowdStrike Outage

Delta Air Lines

Delta Air Lines’ handling of a recent mass IT outage is the target of a federal investigation.

The investigation is to “ensure the airline is following the law and taking care of its passengers during continued widespread disruptions,” Department of Transportation (DOT) Secretary Pete Buttigieg wrote on X (formerly Twitter) Tuesday (July 23) morning.

“All airline passengers have the right to be treated fairly, and I will make sure that right is upheld,” he continued.

The announcement comes as Delta continues to deal with the fallout of what has been called “the worst IT outage in history,” triggered when a software update by security company CrowdStrike took down Microsoft’s systems.

“Banks, airlines, hospitals, fast food chains, retailers, even the Paris Olympics, and nearly any and every business relying on a Microsoft Windows computer system found themselves grappling with a massive disruption that brought critical services to a standstill,” PYMNTS wrote last week.

According to a report by Bloomberg News, Delta said it is “fully cooperating” with the DOT investigation and remains “entirely focused” on restoring operations. More than half of its systems rely on Windows, the report said.

Bloomberg also cited data from tracking service FlightAware showing that Delta had canceled 440 daily flights as of mid-morning Tuesday, or 12% of its normal schedule, bringing its total number of canceled flights to around 5,400. Other major airlines — American, United, and Southwest — had under 100 canceled flights the same day.

Delta CEO Ed Bastian had told several news media outlets on Monday (July 22) that it would take “another couple of days” to get all the airline’s operations running smoothly.

As PYMNTS wrote last week, the CrowdStrike incident shines a spotlight on the pervasive reliance on access to IT infrastructure in today’s digital economy and highlights fact that — as within the digital payments and commerce landscape — when systems go down, organizations need to make sure they have an analog backup in place.

“It’s really a core lesson in the ability to not have a single point of failure,” said CompoSecure/Arculus Chief Product and Innovation Officer Adam Lowe. “If you look at the systems and look at the way the tool affected the problem, it did not affect Linux servers. It did not affect Mac systems. It only affected Windows. That’s a challenge and it’s a lesson in picking alternatives to critical systems.”

PYMNTS-MonitorEdge-May-2024