CrowdStrike Offers a $10 Apology Gift Card To Say Sorry For Outage 120
Lorenzo Franceschi-Bicchierai, reporting for TechCrunch: CrowdStrike, the cybersecurity firm that crashed millions of computers with a botched update all over the world last week, is offering its partners a $10 Uber Eats gift card as an apology, according to several people who say they received the gift card, as well as a source who also received one. On Tuesday, a source told TechCrunch that they received an email from CrowdStrike offering them the gift card because the company recognizes "the additional work that the July 19 incident has caused."
"And for that, we send our heartfelt thanks and apologies for the inconvenience," the email read, according to a screenshot shared by the source. The same email was also posted on X by someone else. "To express our gratitude, your next cup of coffee or late night snack is on us!" The report adds that some people are having trouble redeeming the card. Some are seeing the error that says the gift card "has been canceled by the issuing party and is no longer valid."
"And for that, we send our heartfelt thanks and apologies for the inconvenience," the email read, according to a screenshot shared by the source. The same email was also posted on X by someone else. "To express our gratitude, your next cup of coffee or late night snack is on us!" The report adds that some people are having trouble redeeming the card. Some are seeing the error that says the gift card "has been canceled by the issuing party and is no longer valid."
No thanks (Score:2, Informative)
Crowdstrike is a professional botnet. And I bet that the monies for this "I'm so sorry" $10 is funded (or laundered) from one of our favorite three-letter agencies, as this platform is an invaluable intelligence gathering tool for many purposes.
I'm surprised someone hasn't invented a product to compete -- you can't really patent a botnet. Resources.
Re: (Score:2)
On the contrary!
EVERY. SINGLE. CUSTOMER of CrowdStrike should request their $10 to bankrupt the shit out of them.
A tenner doesn't seem like much, but I bet they're counting on only a few people requesting a payout to avoid losing their shirt on that one.
Re: (Score:3)
I suspect that the $10 story is made up. Their customers are B2B not retail.
Re: (Score:2)
There wouldn't be so many, like Visa and this or that bank or airline or hospital.
Re: (Score:2)
EVERY. SINGLE. CUSTOMER of CrowdStrike should request their $10 to bankrupt the shit out of them.
Probably not. They'll just raise the price of their service $10 for everyone -- but claim it's to "improve their service" or "ensure this can't happen again" or <insert BS here> ...
Partner not Customer (Score:3)
EVERY. SINGLE. CUSTOMER of CrowdStrike
They are not sending it to their customers which would be literally insane since their customers like the airlines have had to shell out hundreds of thousands of dollars to people for cancelled flights and getting a $10 gift card from those who caused it would be adding insult to injury. Instead, they are sending it to their partners who help them sell their services to their customers. While not as bad I doubt it's anything close to enough to make up for the level of unhappiness their partners have been d
Re: No thanks (Score:2)
And Microsoft is now heading for holding all computers hostage with Windows 11.
Re: (Score:2)
Maybe should have sent ti back to the CEO, suggesting that if they think this would cover the 80 staff, in a respectable way, then maybe he (she?) needs it more than they do?
Re: (Score:3)
Re: LEGAL LIABILITY (Score:2)
Re: LEGAL LIABILITY (Score:2)
I remember daydreaming with my classmates about writing a program that would take your Z and spit out a finished program.
Re: LEGAL LIABILITY (Score:2)
It would then likely just do the wrong thing in a formally correct way :-)
Re: (Score:2)
I remember telling my classmates that Z's approach to software is to prevent it from being written, therefore ensuring there are no bugs.
Has there ever been any successful uses of Z apart from the CICS effort, which given that it involved rewriting a bunch of error-prone assembly-language modules dating back to the 1960s meant that almost anything you did as long as it didn't involve Oracle would count as a success story?
Re: LEGAL LIABILITY (Score:2)
Even if they do, who can guarantee that the OS and standard library do not have bugs? That there is no hardware failure that leads to an apparent software issue?
Re: LEGAL LIABILITY (Score:2)
Re:LEGAL LIABILITY (Score:5, Insightful)
Re: (Score:2)
Customers, in turn, installed those patches without testing them before letting them be installed on their system.
Yes, CrowdStrike made an error, but without the users just blindly accepting vendor updates without any oversight or testing is also an error.
Why are we permitting system admins to shirk their responsibilities and just allow any random update from a vendor into their systems?
This was not a patch. It was a channel file which we have absolutely no control over. We can choose to stay on N-1 or N-2 for the sensor updates (which we do) but the channel files get pushed out no matter what. This is by design.
Re: (Score:2)
This was not a patch. It was a channel file which we have absolutely no control over. We can choose to stay on N-1 or N-2 for the sensor updates (which we do) but the channel files get pushed out no matter what. This is by design.
Then it's a stupid design and the solution is to stop using software made by companies that operate as if you are little more than the renter of the infrastructure that you actually own and to start firing the idiots responsible for choosing that vendor in the first place.
It's a travesty that engineers and developers get put into a position where the response to a catastrophic problem caused by a third party vendor is "We have absolutely no control over it", yet those same engineers and developers are held
Re: (Score:2)
We're a smallish company (350 or so employees) with way too small of an IT team. As the senior IT engineer at my company, I'm one of the idiots responsible for choosing that vendor in the first place. I'm disinclined to want to fire myself.
The part of the design in question was not known to us. We were all surprised that our N-1 policy could be bypassed by the channel files. We didn't even know those files existed.
We could get angry and switch to a different vendor, but their software probably also contains
Re: (Score:2)
That you're allowing a vendor to have the level of access to your systems necessary to be able to unilaterally push files to your systems without your knowledge that bypasses your standing N-1 policy in and of itself is a major security flaw. "We didn't know those files even existed" isn't a valid excuse because they shouldn't have that level of access to your systems in the first place.
if a vendor ever came to me and tried to sell me on their services and one of their requirements was that I grant them the
AT&T offered me $1.75 bill cred when shit the (Score:2)
And it would have taken me $20 of time to fill out the forms and wait on hold to get it. It's a joke.
Re: (Score:3)
Probably a waiver (Score:5, Interesting)
Re: (Score:3)
If it is I'm not sure how many takers they'll get. Getting a $10 Uber Eats card is like getting a $100 Apple Store card.
Re: (Score:3)
In the voucher, or the actual product itself? Customers already waived these rights. The question will be is if gross negligence can be proven then those rights are meaningless.
Re: (Score:2)
Lawful Masses (an actual lawyer, albeit a copyright specialist) doesn't think so: https://youtu.be/byZHIoqi8oo [youtu.be]
Whatever terms their EULA has can't override negligence laws.
They are probably desperate right now. The liabilities are huge so they could be looking at bankruptcy and restructuring, or liquidation.
Gift Card No Longer Valid (Score:5, Funny)
Maybe the gift card company is using CrowdStrike software?
no we onlyed funded 1000 max for gift cards and yo (Score:2)
no we onlyed funded 1000 max for gift cards and you where to slow.
Re: (Score:2)
One of their employees just got the voucher in his email so they tried to forward it on to everyone
An Apology from CrowdStrike! Funny! (Score:2)
Comment removed (Score:5, Insightful)
Re:Insult to injury (Score:5, Insightful)
He essentially said what Warren Buffett has said about reputation:
âoeIt takes 20 years to build a reputation and five minutes to ruin it. If you think about that, you'll do things differently."
Re:Insult to injury (Score:5, Funny)
Or just use the Microsoft approach: make yourself a hateful and hated but unavoidable company from the get-go and you have no reputation to lose.
Re: (Score:2)
What will you do differently? Worry about your reputation all the time? Maybe pause before every action to think "How will this ruin my reputation?"
I don't think he did anything wrong, like "OMG you turned off the internet!"
Systemically they probably lacked a good way to test these things before releasing them into the wild. How much does he get paid to take the blame for the company failing to do its job well?
Re: (Score:2)
Oh dang he takes home $13 million to compensate for the North Star gut punch he received.
Re: (Score:2)
Re:Insult to injury (Score:5, Insightful)
Ok, let's hear it.
That's a really good start.
Re: (Score:3)
Ok, let's hear it.
That's a really good start.
There was a time when that sort of statement could tickle the empathy centers enough to not come across as, "I'm sorry, BUT WHAT ABOUT ME?" Sadly, forty years of being beaten, raped, beaten again, raped again, shit on, lit on fire, then told it's all our fault for paying them anyway has left us not really feeling much empathy for these C suite bozos. And at some point, the publicity gurus need to update their bingo cards and remove the whining follow-up of "woe is me" to public apologies. Maybe they could p
Re: (Score:2)
Obviously this is insulting. They should have just stuck with the CSO's apology:
“we failed you, and for that I’m deeply sorry.”
“I’ve been in my professional life for almost 40 years, and my North Star has always been to ‘protect good people from bad things,’” Henry wrote. “The past two days have been the most challenging 48 hours for me over 12+ years. The confidence we built in drips over the years was lost in buckets within hours, and it was a gut punch.”
Yeah, we feel real bad for him. That $10 gift card is especially insulting if you look at the supposed value of Crowdstrike as a company. Granted, they seem to have lost a few billion over the last few days, which is expected, but I gotta think the public opinion would be better had they not handed out these piddly little nothings and just stuck with written or spoken apologies and an attempt to transparently show how they are going to prevent this going forward. Though I will expect a lot of "obscurity is
Re: (Score:2)
Yes... The outage likely costed at least 10 hours extra for Each of the average firm's Desktop support team.
They have it right that a financial renumeration would be appropriate. Try at least a credit for 3 months' service.
A $10 gift card doesn't even buy lunch for one employee these days.
Doubtful Any Compensation Due (Score:2)
They have it right that a financial renumeration would be appropriate.
If that were true Microsoft would have gone bankrupt years ago given all the trouble their mistakes have cause desktop support people over the decades. Usually there is some disclaimer in the fine print in which you accept that you are using software at your own risk. To get money you'll probably have to prove gross negligence and/or deliberate malfeasance. The later does not seem to be true and it's hard to see this a more than normal incompetence rather than gross negligence. After all they are not the f
Re: Insult to injury (Score:2)
Really, a three month credit for all users? First off, that cuts annual revenue by 25% - they'll never do that, and besides, consider how that could come across to their customers "I'm sorry our shitty software brought down your company for a day or two, tell you what we'll do - we'll give you three free months of our shitty software, hopefully we won't make another mistake like the last one!"
Re: (Score:2)
consider how that could come across to their customers "I'm sorry our shitty software brought down your company for a day or two, tell you what we'll do - we'll give you three free months of our shitty software
They could Offer to refund 3 months if the customer wishes to cancel service.
The customers Won't cancel though, Because they are legally required to have an EDR as it's necessary to pass compliance audits. And there really is no alternative to Crowdstrike in the EDR business. All their competit
Re: (Score:2)
Obviously this is insulting. They should have just stuck with the CSO's apology:
"we failed you, and for that I’m deeply sorry."
"I’ve been in my professional life for almost 40 years, and my North Star has always been to 'protect good people from bad things,'" Henry wrote. "The past two days have been the most challenging 48 hours for me over 12+ years. The confidence we built in drips over the years was lost in buckets within hours, and it was a gut punch."
Even the apology is insulting, given that this has happened at least twice before in the past short while. If he was so keen to "protect good people from bad things" he would have learned the lesson about not testing properly before shipping and this latest fiasco simply wouldn't have happened. Sincere sounding, but utter bullshit - crocodile tears, if you will.
Re: Insult to injury (Score:2)
Why don't the customers quarantine the updates and test them before rolling them out into every production machine they administer? Esp if this is (as you say) the third time their updates have cause catastrophic failures for customers?
Re: (Score:2)
AFAICT CrowdStrike accesses all those production machines directly to deliver updates. I don't think it's the situation - safer, but more labour intensive and harder to manage - where an IT department receives an update from CrowdStrike and pushes it themselves. That way of doing things is what companies should insist on from now on, but I suspect they won't. Individual department managers won't want to take the cost hit in their budgets, and the PHB's who do things like sign CrowdStrike contacts are usuall
Re: (Score:3)
Why do C-level execs always speak in cliches? North Star Gut Punch sounds like a great karate move.
Aside from that, I feel bad for him. This is why I don't go reaching for the top. Leaders are often just there for someone to place blame on.
I still get the feeling my insides are falling out when any sort of incident occurs, and I'm getting tired of it. It used to be fun to figure out why shit was broken. Now it's just stress nobody needs and the company's like hey, we're losing money, what are you doing abou
Comment removed (Score:5, Informative)
Paid to Send This Out (Score:3)
I expect Uber paid them to send this out to promote Uber Eats. So they're trying to make a profit on their failure.
Re: (Score:2)
Re: (Score:2)
I'm not sure that's the angle any company would want - it's a little too close to "Uber Eats: the official sponsor of Crowdstrike fuckups". Although there does appear to be a complete lack of shame in today's world, so who knows.
This is Uber: shameless from the start and it never stops. I don't think their leadership would give a moment's thought to the "shame" of being associated with a catastrophe.
Also, Uber Eats is delivery only. That $10 card won't even buy one meal.
Hostage Video (Score:2)
Blink twice, Crowdstrike, if you're being forced to cover up* for an operation by Men With Guns (TLA).
Everything they're doing is so erratic and stupid it seems more like 'blink twice' than plausible tomfoolery.
Old saying:
"If Michael Jordan misses two layups in a row he's having a bad night. If he misses twelve layups in a row he's throwing the game."
* The open theory is 'they' needed to erase data in a recovery environment to evade auditing and hit the 'break glass in case of emergency" button. We'll see.
Re: (Score:2)
Old saying: If Michael Jordan ...
Didn't you just say this was an old saying?
Re: (Score:2)
Re: (Score:2)
well by takeing out offer you wave the right to.
sue us
get out of your contract now
ask for discounts
ask for refunds
get any damages, ot time, down time, ect paid.
Re: (Score:2)
Re: (Score:2)
Details in the Licence (Score:2)
Re: (Score:2)
Re: (Score:2)
Also, since it's businesses that were harmed (and will be suing for damages), the acceptance by some middle-manager of a free cup of coffee at Stellarbucks
Well first your middle manager got nothing from Crowdstrike since this offer was to their partners i.e. those helping them peddle their product, not those suffering from using it. Secondly, I was referring to the agreement that the business signed when purchasing CrowdStrike in the first place. Whoever signed that must have had signing authority for the company so I doubt that was some middle manager and whatever contract they signed I am certain they will have had some legal language to deny all responsib
Scam time (Score:2)
yeah team! (Score:2)
Marketing team: We crushed it!
Re: (Score:2)
What, no pizza party? (Score:2)
partners... (Score:3)
Who are they sending this to? (Score:5, Interesting)
I don't get it, who get's the gift cards? The article says "partners", are they sending a single Uber Eats $10 gift card to a company that had it's entire business taken down or do everyone who works at the companies affected get a gift card?
Re:Who are they sending this to? (Score:5, Insightful)
Re: (Score:3)
I'm not sure there is anything to get, the whole thing sounds made up. Notice how there's no official statement from CrowdStrike about this. I bet these people have fallen victim to a phishing scam taking advantage of the situation, which would explain why the gift cards fail to validate. Which if true would be really fucking ironic considering these are supposed to be cyber security and system admins.
Possible. According to the article "the email was sent from a CrowdStrike email address in the name of Daniel Bernard, the company’s chief business officer". He has a linkdin that doesn't seem to have any information relevant to the question, and no other social media that I can find.
Re: (Score:2)
> Notice how there's no official statement from CrowdStrike about this
Apart from the confirmation from the CrowdStrike spokesperson...
Or are you suggesting they are fake and part of the ruse?
Re: (Score:2)
The people who need them most: Overpaid CTOs.
Re: (Score:2)
The people who need them most: Overpaid CTOs.
If this is real and that's the case, then the social grace of slipping a CTO a $10 coupon really is something to behold.
Re: (Score:2)
Sysadmins who stay up late at night fixing outages.
Re: (Score:2)
Sysadmins who stay up late at night fixing outages.
If that was the case I'd assume there was a code that could be used multiple times, and we'd all be having $10 Uber Eats by now (but the article says it was revoked, so perhaps that's what happened?).
Re: (Score:2)
After reading the linked article it seems "partners" is not some twisted way of describing "customers" but actual tech partners, third parties that work with CrowdStrike in some way.
So a $10 thankyou for all the extra work they've had to do basically.
$10 for losing a weekend and several levels up on stress? A cup of coffee? I'd be after a bigger voucher for a family meal, even just a money off voucher as the rest of the family probaly lost out on my time also.
WHO is getting a card? (Score:2)
offering its partners a $10 Uber Eats gift card as an apology,
Just who are the partners? People who work at his company? People who actually signed contracts buying in to their service?
Can't be the millions of people who were actually affected by this.
Re: (Score:2)
Partners seems to suggest those working WITH CrowdStrike.
Not in this case some twisted marketing term to describe customers. At least I hope not as even Elon Musk would not be THAT stupid.
Pretty lame when even T2/Linux pays more (Score:2)
Is that supposed to be a joke? (Score:2)
Where I work (major global tech company), every single computer, with few exceptions, was bricked by this bullshit, my company-owned laptop being an exception only because it wasn't left running overnight. We lost at least half a days' worth of productivity, and most of the information screens around the facility are still bricked, likely will require someone to physically go to each one to correct the problem. Yet they think $10 worth of doordash is going to compensate everyone for their fuck-
Re: (Score:2)
Crowdstrike won't do business with consumers, or even small-fry. A co-worker tried to license it for his small business and they refused him.
So a $10 gift card... ONE $10 gift card, to a corporate business that has from 20 to 20,000 computers. That's beyond insulting. There isn't a single one of their customers that won't consider that "gesture of good-will" a joke.
Now how about you give us a $10 gift card for every one of our computers that was affected. THAT would actually be meaningful.
Corperate america (Score:2)
Re: (Score:3)
because its a twist on you don't have to out run the bear, just the some of the other guys in your party, idea.
Putting the controls and redundancy in place to achieve prevention, and/or accepting actual liability for product failures / canceled services is always going to be way to costly. They will never do that, and they know their competitors never will either.
They literally are banking on you thinking "Well Delta stranded me in Kalispell, and AA stranded me in Memphis; but at least AA bought me a coffee
What can I get for $10? (Score:2)
"Anything you want."
With the Full Metal Jacket quote out of the way...
What is anyone supposed to do with a $10 Uber Eats card? It barely covers the fees.
Did they attach terms like "You accept this gift card in lieu of suing the ever living shit out of us"?
Fine print... (Score:2)
Great! (Score:2)
Likely Canceled Due to Exploitability (Score:5, Informative)
This tweet (https://x.com/64uni_lions/status/1815928437774995555) shows the UberEats coupon code (e32HVnCljb7) and they were likely getting absolutely spammed with UberEats credit claims. It SHOULD have been announced, surveyed to collect emails, and then an email-restricted code sent out.
Re: (Score:2)
Only acceptable... (Score:2)
ClownStrike (Score:2)
Strikes again!
Wow, just wow (Score:2)
This reads like a Bee article.
They should offer this to Delta Airlines (Score:2)
Maybe they won't be so angry anymore.
Head on a stake, not cake (Score:5, Insightful)
Given that this was an international security incident with outages I would expect a criminal investigation against the persons in charge.
Don't get me wrong, I am all for blame-free when it comes to development but here a defect version was rolled out by a professional company and caused outages of airports, security centrals, production lines.
This is the damn 911 event of Windows in critical infrastructure! You can't resolve this by handing out gift card.
It is a case where cybersecurity laws are to be enforced against actual offenders. and not the likes of Aaron Schwartz.and Gary McKinnon
Apology? More like "insult"... (Score:2)
That does not even cover the cost of recovering one machine.
Re: (Score:2)
Yeah.. an above article on this page lists the estimated global cost of this event at $5.8Bn... but hey.. $10!! lol.
Contracts cancelled (Score:2)
only came here to read the futurama quote (Score:2)
"Here's a coupon for 10% off at Bed, Bath, and Beyond?"
who said that?
Finger in the dam? (Score:2)
Crowdstrike hopefully sticks its finger in the dam. Tsunami of incoming lawsuits doesn't care.
Blind to the situation. (Score:2)
I think a gift card good for a case of Red Bull would be more appropriate for everyone who had/has to work extended hours to fix their screwup.
Does Uber Eats use Windows servers? (Score:2)
Read the article before you write the headline (Score:2)
CrowdStrike spokesperson Kevin Benacci confirmed... "We did send these to our teammates and partners who have been helping customers through this situation...
They were buying lunch for co-workers who put in the extra time; this was not an apology nor an attempt to compensate for damages, this was not "to say sorry for the outage." This was a thank-you gift (albeit a meagre one). One of the gift recipients posted a screenshot to Twitter which included the passcode, and that triggered a flood of fraudulent
Re: It's bugs all the way down (Score:2)
UberEats rejected the card after flagging it up as fraud due to excessive use.