CrowdStrike’s reputation took a serious nosedive after last month’s colossal IT meltdown. Instead of hiding from the fallout, the cybersecurity giant decided to lean into the disaster, accepting an award that no company wants to win—the “Most Epic Fail” at the DEF CON hacking conference.
At DEF CON, the annual Pwnie Awards celebrate the best and worst in cybersecurity, and CrowdStrike found itself in the latter category. The company joined a less-than-elite club of past winners like Microsoft, the TSA, and Twitter after a botched security update crashed millions of Windows PCs and servers. This was not your typical glitch; it was a full-on catastrophe that brought down critical systems worldwide, causing everything from airport chaos to corporate headaches.
While most companies would probably prefer to forget such a monumental screw-up, CrowdStrike’s President Michael Sentonas decided to own it—literally. Sentonas showed up in person to accept the “Most Epic Fail” award, drawing applause from an audience of his peers. “Definitely not the award to be proud of receiving,” he quipped, but added, “We got this horribly wrong, and it’s super important to own it.”
Sentonas plans to display the trophy prominently at CrowdStrike’s Texas headquarters, not as a badge of honour, but as a constant reminder that even the best in the business can royally mess up. “Our goal is to protect people, and we got this wrong,” he said, underscoring the importance of accountability. “And I want to make sure everyone understands these things can’t happen, and that’s what this community is about.”
As commendable as Sentonas’s public contrition may be, it doesn’t erase the fallout. CrowdStrike is already facing two class-action lawsuits demanding compensation for the widespread disruption caused by the update.
The backstory The chaos started in the early hours of July 19, 2024, when CrowdStrike rolled out a sensor configuration update as part of its Falcon platform. This update contained a logic error that led to catastrophic system crashes and the dreaded Blue Screen of Death (BSOD) on millions of devices. While the issue was quickly identified and fixed within about 90 minutes, the damage was done. The incident left a trail of disruption across multiple sectors, from grounded flights to frozen corporate networks.
CrowdStrike’s decision to embrace its blunder might win some points for transparency, but the company has a long road ahead to regain trust and credibility. For now, they’re the proud—if somewhat reluctant—owners of the “Most Epic Fail” award, with a trophy to remind them of the dreaded outage.