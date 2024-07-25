CrowdStrike is under fire again after offering staff and partners a $10 UberEats voucher as compensation for a global IT outage that wreaked havoc across airlines, banks and hospitals – some of which contained error messages.

The cybersecurity firm’s software update on Friday (19.07.24) hit 8.5 million devices worldwide and experts have said it will take the world weeks to recover.

In an email to its partners, CrowdStrike admitted it was aware of the extra workload caused by the incident and said about its compensation offer: “To express our gratitude, your next cup of coffee or late-night snack is on us!”

The note then directed recipients to use a code for the $10 credit.

But the gesture was met with ridicule – with one Reddit user describing it as part of an “absolute clown show”.

Another lamented: “I literally wanted to drive my car off a bridge this weekend, and they bought me coffee. Nice.”

On LinkedIn, a self-identified CrowdStrike partner slammed the gesture by saying: “The offer of a cup of coffee or Uber Eats credit doesn’t make up for the tens of thousands lost in man hours and customer trust due to the July 19 incident.”

CrowdStrike confirmed to the BBC vouchers were sent to “teammates” and “partners” who assisted customers during the outage.

Some recipients even reported issues with the vouchers – which Uber flagged as fraudulent due to high usage rates.

CrowdStrike admitted to the latest mistake.

The company faces mounting questions about potential financial compensation for affected customers.

CrowdStrike has pledged to improve software tests after a faulty content update for Windows systems triggered the outage, resulting in widespread disruptions and millions of PCs displaying “blue screens of death”.

A detailed review of the crisis published on Wednesday (24.07.24) revealed a bug in a system designed to ensure software updates function correctly.

CrowdStrike said the glitch allowed “problematic content data” to go undetected, but assured it could prevent future incidents with better software testing and checks, including more developer scrutiny.

Cybersecurity experts slated CrowdStrike's handling of the situation.

Consultant Daniel Card told BBC News the review showed the company lacked the proper safeguards to prevent such incidents. Researcher Kevin Beaumont said CrowdStrike doesn‘t “test in waves”, opting instead for an immediate “rapid response update” that he called a “huge mistake”.

The US government has launched an investigation into Delta Airlines’ handling of the outage, which led to hundreds of flight cancellations.

CrowdStrike CEO George Kurtz is also set to testify before Congress about the blackout, with the House Committee on Homeland Security warning in a letter the incident highlighted the national security risks of network dependency.