CrowdStrike is offering clients a rather small package of incentives as recompense for the global information technology outage sparked by a faulty software update last month.

The software firm, which triggered an outage for Microsoft users around the world last month and an operational meltdown at Delta Air Lines, expects to give US$60mil (RM258.9mil) worth of incentives to clients in the second half of the fiscal year in the wake of the debacle. Austin, Texas-based CrowdStrike in its announcement of quarterly financial results lowered its revenue forecast due to the “customer commitment package.”

The $60 million estimated value is small compared to the hit one customer – Atlanta-based Delta – said it took after the global outage. A CrowdStrike spokesperson said late Thursday the customer commitment package is unrelated to potential legal exposure, for which it has not provided an estimate. The incentives include discounts, subscription extensions and other offers.

Delta estimated a financial toll of more than US$500mil (RM2.15bil) to the airline from the CrowdStrike outage. While many other companies and airlines recovered within hours, Delta spiraled into five days of chaos that left passengers stranded in cities and airports around the country.

Delta CEO Ed Bastian has vowed to pursue potential claims against CrowdStrike and Microsoft, and hired well-known lawyer David Boies of Boies Schiller Flexner.

CrowdStrike Chief Financial Officer Burt Podbere said during an investor conference call Wednesday afternoon “the outcome of litigation is inherently difficult to predict, particularly in the early stages. It is still too early for us to estimate any potential legal exposure we may have at this time.”

Podbere said agreements with customers have provisions limiting CrowdStrike’s liability, and the company has insurance policies “intended to mitigate the potential impact of certain claims.”

Delta’s estimate includes about US$380mil (RM1.64bil) in lost revenue and about US$170mil (RM733.7mil) in expense from the disruption, with 7,000 flight cancellations over five days, according to a filing earlier this month with the US Securities and Exchange Commission.

According to Delta’s filing with the SEC, the lost revenue is primarily due to refunds to customers for canceled flights and compensation to customers with cash and SkyMiles. The airline said the expense is mostly due to reimbursements for customers’ expenses and costs for crews.

CrowdStrike CEO and co-founder George Kurtz during the investor call apologised “to everyone impacted” by the incident.

“Thank you to the broader cybersecurity and IT community, standing with us as we faced the most challenging event in our company history,” Kurtz said. “The magnitude of the July 19 incident will never be lost on me, and my commitment is to make sure this never happens again.”

Kurtz called the days following the incident “among the most challenging in my career” and said the company is working on improving its process to release software updates. He said the customer commitment packages “are a proactive and concerted investment” to build loyalty.

Attorneys for Delta, CrowdStrike and Microsoft have sparred through legal threats in the weeks since the outage.

“If CrowdStrike genuinely seeks to avoid a lawsuit by Delta, then it must accept real responsibility for its actions and compensate Delta for the severe damage it caused to Delta’s business, reputation, and goodwill,” wrote Boies, representing Delta, in a letter to Quinn Emanuel attorney Michael Carlinsky, who represents CrowdStrike.

The US Department of Transportation is investigating Delta’s response to the outage. There have also been multiple lawsuits seeking class action status filed against Delta and CrowdStrike.

Carlinsky sent a letter to Boies saying the airline’s public threat of litigation “has contributed to a misleading narrative that CrowdStrike is responsible for Delta’s IT decisions and response to the outage.” He wrote CrowdStrike reiterates its apology, while adding the software firm “strongly rejects any allegation that it was grossly negligent or committed willful misconduct.”

Carlinsky also emphasised CrowdStrike’s liability to Delta is “contractually capped at an amount in the single-digit millions.”

For the second quarter ended July 31, CrowdStrike reported $963.9 million in revenue and US$712.8mil (RM4.16bil) in operating expenses. It reported US$46.7mil (RM201mil) in quarterly income, more than five times its profit of US$8.5mil (RM36.6mil) a year ago. – The Atlanta Journal-Constitution/Tribune News Service