Originally Posted by ethernal

I am intimately familiar with Crowdstrike and the type of enterprise contracts they and their competitors have. While I cannot speak to Delta's specific contract or provide details on Crowdstrike's exact terms for other clients, I have seen them for Fortune 1000 companies and every single one liability caps for breach or outage including for companies that managed to negotiate unlimited liability for professional services only service providers (as opposed to Crowdstrike which is blended PS and product).

I can't/won't share what those liability caps typically are, but Delta has in all likelihood already exceeded them at this point. There is no meaningful benefit from continuing to try to blame Crowdstrike at this juncture for events past Friday and maybe Saturday. If forced, Crowdstrike will pay the max liability cap and move on. They don't want public court records going on about this incident and reminding current or potential future customers of this incident.

Is it possible Delta managed to negotiate an unlimited liability contract? It's possible, but I am deeply skeptical. Is it possible that Delta will try to claim gross negligence and try to recover beyond the liability cap? Maybe, but based on precedent from similar issues from other software and infrastructure providers, I am deeply skeptical - especially since at some point the responsibility falls on Delta to recover even though the proximate cause of the outage may have been Crowdstrike.

No, I think that this is just tone deafness from Delta's leadership team. Possibly augmented by a technology executive trying to say they will make Crowdstrike pay for it or something, even if not supported by legal and contracts.