We didn’t send $10 Uber Eats gift cards to our clients – CrowdStrike

CrowdStrike has denied sending $10 Uber Eats card to customers as an apology for triggering “the biggest global IT outage” to date.

According to an article on TechCrunch, the Texas-run software firm has been using the cards to “say sorry” to those hit by the outage.

The article linked to a Reddit user saying, sarcastically, “Customers are gonna’ stay a few nights awake; how can we help? Here’s a voucher for coffee.”

'False'

But CrowdStrike told ContractorUK that any claim it is sending Uber Eats cards to clients is “false.”  

A CrowdStrike spokesperson said last night to this website: “CrowdStrike did not send gift cards to customers or clients.

“We did send these to our teammates and partners who have been helping customers through this situation.”

'Sell and manage'

The CrowdStrike spokesperson clarified that “partners” includes companies signed up to its Accelerate Program (AP), which the firm launched in September 2023.

“They sell and manage CrowdStrike for customers…[but] they are not customers,” the spokesperson said of ‘partners.’

The thanks of an Uber Eats card to parties the company’s AP lists  as “MSPs…cloud marketplaces,” and telcos among others, which is worth about £7.75, didn’t go well with everyone.

'Insulting'

“What an insulting thing to send,” one social media user wrote, seemingly (wrongly) thinking CrowdStrike sent the cards to clients.

“It would have been a bit better if they skipped the gift card b-s. That's just disrespectful and unprofessional.”

Another weighed in, albeit seemingly a CrowdStrike partner: “I literally wanted to drive my car off a bridge this weekend and they bought me coffee. Nice.”

'Late night'

In an email to its partners, penned by its chief business officer Daniel Bernard, CrowdStrike wrote:

“To express our gratitude, your next cup of coffee or late night snack is on us!

“Access your UberEats credit by using code…or scanning the QR code below.”

Due to a sudden spike in coffee and snack purchases however, Uber Eats reportedly flagged them as fraud and blocked some of the purchases.

'Discontinued'

A CrowdStrike partner claims to have received the following message: “Your Uber Eats voucher is no longer available.

“We’re just letting you know that your ‘CrowdStrike - Thank You!’ voucher has been discontinued by the provider, and is no longer available to use.”

But it is usage with no ‘blue screen’ that surely most concerns CrowdStrike CEO George Kutz, who says 97% of Windows sensors are now restored.

Taking to LinkedIn on July 25th, Kurtz continued: “To our customers still affected, please know we will not rest until we achieve full recovery.

“At CrowdStrike, our mission is to earn your trust by safeguarding your operations. I am deeply sorry for the disruption this outage has caused and personally apologize to everyone impacted.

“While I can’t promise perfection, I can promise a response that is focused, effective, and with a sense of urgency.”

'Incident report'

Kurtz linked to “preliminary incident report” which IT admins are pouring over for the technical detail on how the corrupt software update came about.

The CrowdStrike report, published on July 24th, also outlines “the measures we’re taking to prevent such incidents in the future.”

An interim CISO, Adrian Wright, has got his eye on what’s next too, following what he described as “the biggest global IT outage the world has yet seen.” 

“Once [this is fully] resolved, we all need to have a serious think about how much privilege we allow third party software and providers.

“And how we mitigate risks like these moving forward,” Wright says.

'Know your technology'

Tech security specialist Justin Bentley offered a few answers of his own in a separate online post:

“If companies take one thing from this recent appalling events… [it] is 'Know Your Technology' -- [the] what, where and who.”

Referring to the 8.5million affected Windows devices, which caused chaos for hospitals, airports and businesses worldwide, Bentley suggested Business Continuity and Disaster Recovery consultants are now probably rubbing their hands together.

'Poor outsourcing contracts'

The security specialist says: “It is very clear from the global disruption that many of the affected organisations do not have adequate BC/DR planning, caused by lack of understanding of how important this.

“Or, [also] likely, poor outsourcing contracts where [BC and DR are] conducted as an afterthought. If at all.”

CrowdStrike says the worldwide crashes of Windows systems was due to a “defect” in a security update of its security software, Falcon Sensor, which “went undetected during validation checks.”