Delta cancels hundreds more flights as fallout from CrowdStrike outage persists

CrowdStrike - major player in cybersecurity released automatic update that caused major global outage

Delta Air Lines canceled flights for a third straight day Monday as it struggles to recover from a global software outage that took down Microsoft systems around the world. The outage, related to a faulty update from cybersecurity company CrowdStrike, also hindered operations at shipping and logistics companies, retailers and banks.

Delta CEO Ed Bastian said in a public letter Sunday that it paused flying after the outage occurred on Friday, resulting in 3,500 canceled flights through Saturday and continuing into Sunday. The outage hit on what was the airline's "busiest travel weekend of the summer," according to Bastian.

On Monday, when most other airlines had largely recovered from the software outage, as of 3 p.m. Eastern Time Delta had canceled or delayed a total of more than 2,000 flights within, into or out of the U.S., according to flight tracking website FlightAware. As of 3 p.m. Eastern, the carrier had canceled more than 800 flights. 

Overall, Delta has scrapped more than 4,500 flights since July 19 — more than double its total number of 2024 cancellations before the CrowdStrike glitch, FlightAware data shows. 

"There is no excuse for this. None. Delta has the money to invest in new [information technology]. They should have made those investments," Atmosphere Research Group President Henry Harteveldt told CBS News senior transportation correspondent Kris Van Cleave. "But IT investments take a long time and don't give you stuff to show off on Instagram."

How the CrowdStrike glitch crippled operations across the globe

Bastian said many Delta applications run on Microsoft Windows, which was affected by the CrowdStrike issue. Most crucially, one of the airline's crew tracking tools was rendered inoperable, making it impossible for Delta to "effectively process the unprecedented number of changes triggered by the system shutdown," Bastian said. "Our teams have been working around the clock to recover and restore full functionality."

Bastian said Delta would offer travel waivers to customers on affected flights, allowing them to change their itineraries and rebook flights without a fee. "I encourage you to take advantage of that flexibility if possible," Bastian said in his letter. 

Secretary of Transportation Pete Buttigieg took aim at Delta on X, calling the way the airline was treating customers during the business interruption "unacceptable."

"We have received reports of continued disruptions and unacceptable customer service conditions at Delta Air Lines, including hundreds of complaints filed with @USDOT. I have made clear to Delta that we will hold them to all applicable passenger protections," he wrote.

He also made clear that under federal regulations, customers are not obligated to accept travel credit to rebook their flights, rather they are entitled to immediate refunds. 

"Delta must provide prompt refunds to consumers who choose not to take rebooking, free rebooking for those who do, and timely reimbursements for food and hotel stays to consumers affected by these delays and cancellations, as well as adequate customer service assistance," Buttigieg said. 

CrowdStrike warning

CrowdStrike issued an update Sunday, saying it's testing a new way to bring companies' software systems back online. CrowdStrike added it had identified and isolated the issue that caused the outage, and that the incident was not related to a cyberattack. 

Microsoft says the glitch affected 8.5 million devices around the world, with experts saying it could take days or even weeks to repair every affected computer.

Bay Area computer experts baffled by Crowdstrike policy that led to outage

Companies in other industries such as health care continue to grapple with restoring their systems and service to customers. For example, hospitals, which cancelled elective procedures Friday, now have a backlog of appointments to reschedule. 

The recovery process unfolds as CrowdStrike cautioned that other cybercriminals are attempting to exploit the event. The company warned in a blog post that bad actors, posing as CrowdStrike, have tried to distribute a malicious ZIP archive named crowdstrike-hotfix.zip, claiming it is a fix to the system flaw. 

—CBS News' Kris Van Cleave and the Associated Press contributed to this story

Read more
f

We and our partners use cookies to understand how you use our site, improve your experience and serve you personalized content and advertising. Read about how we use cookies in our cookie policy and how you can control them by clicking Manage Settings. By continuing to use this site, you accept these cookies.