Delta Cancels, Delays Thousands of Flights Following Tech Outage

The Microsoft systems security update by CrowdStrike on July 19 affected sectors that included banks, tech firms, airports, and logistics companies.
Delta Cancels, Delays Thousands of Flights Following Tech Outage
Delta jets on the tarmac at John F. Kennedy Airport (JFK) in New York City on Jan. 31, 2020. Spencer Platt/Getty Images
Naveen Athrappully
Updated:
0:00

Delta Air Lines continued to see a high number of flight cancellations and delays on July 22 as the company tried to resolve system disruptions caused by the recent global IT outage.

The disruption was triggered by technical issues with a software update on Microsoft systems on July 19, which took many networks out of service. The outage affected sectors that included banks, tech firms, airports, and logistics companies.
Delta confirmed that the issue had affected its systems and hadn’t been fully resolved. The Atlanta-based airline had the most flight cancellations and delays of any airline with flights within, to, or from the United States on July 19, July 20, and July 21, according to data from FlightAware.com.

On each of these three days, the company registered more than 1,200 flight cancellations and more than 1,500 delays. The airline had more than 600 cancellations and more than 170 delays on July 22 as of 8 a.m. Eastern time.

“Our server is currently unavailable, but we’re looking into the problem,” the company said in an outage alert at the time. “Hold tight. We'll have delta.com back up and running momentarily.”

Delta CEO Ed Bastian said that the airline has a “significant number” of applications that use Microsoft Windows systems. The airline’s crew-tracking tools were affected by the shutdown, adversely affecting operations.

“The technology issue occurred on the busiest travel weekend of the summer, with our booked loads exceeding 90 percent, limiting our reaccommodation capabilities,” he said.

“I want to apologize to every one of you who have been impacted by these events. Delta is in the business of connecting the world, and we understand how difficult it can be when your travels are disrupted.”

Delta is offering travel waivers to customers whose flights were affected by the outages. The waiver allows people to make a one-time change to their itinerary, and applies to travel dates from July 19 to July 23. The new tickets must be issued on or before July 28.
“The fare difference for customers will be waived when rebooked travel occurs on or before July 28, in the same cabin of service as originally booked.”

Airline Disruption, Outage Resolution

Other major U.S. airlines also suffered disruptions from the IT outage. American Airlines resolved the problem and reestablished operations by July 19.

United Airlines said that most of its systems had recovered from the outage by July 20. However, some disruptions continued, and there were flight delays and cancellations.

The outage happened after cybersecurity firm CrowdStrike released an update for a security product. This update triggered a “logic error” on Windows systems, causing the machines to crash and display a blue screen.

CrowdStrike claims that the issue was resolved on July 19. The incident affected only Windows 10 and later systems.

According to Microsoft, most of its services were “up and running” as of 8 a.m. on July 22. The only service facing issues was the workplace collaboration app Microsoft Teams.

The U.S. Cybersecurity and Infrastructure Security Agency warned that “cyber threat actors continue to leverage the outage to conduct malicious activity, including phishing attempts.”

The agency “continues to work closely with CrowdStrike and other private sector and government partners to actively monitor any emerging malicious activity.”

CrowdStrike said that threat actors were leveraging the event by distributing a malicious zip file named “crowdstrike-hotfix.zip.” The hacking attempts likely focused on customers in Latin America, the company said.
Microsoft estimates that the CrowdStrike update affected 8.5 million Windows devices worldwide, which it claims is less than 1 percent of total Windows machines.

“This incident demonstrates the interconnected nature of our broad ecosystem—global cloud providers, software platforms, security vendors and other software vendors, and customers,” the company said.

“It’s also a reminder of how important it is for all of us across the tech ecosystem to prioritize operating with safe deployment and disaster recovery using the mechanisms that exist.”