Compliance & Regulations News Cyberkitera October 26, 2024 0 Comments

Delta Airlines Files Lawsuit Against Cybersecurity Firm CrowdStrike Over Windows Outage, Claims $500 Million in Losses

Listen to this article

The airline is seeking compensation and punitive damages for the outage that disrupted operations, resulting in $500 million in lost revenue and additional expenses.

Delta Air Lines filed a lawsuit against CrowdStrike on Friday, alleging that the cybersecurity firm cut corners, resulting in a global technology outage that caused thousands of flight cancellations in July.

The airline is seeking compensation and punitive damages for the outage, which originated from a faulty update sent to millions of Microsoft computers. Delta stated that the disruption severely impacted its operations for several days, resulting in over $500 million in lost revenue and additional expenses.

CrowdStrike said Delta is giving “misinformation,” does not understand cybersecurity, and is trying to shift blame for its slow recovery from the outage.

The U.S. Department of Transportation is investigating why Delta took longer to recover than other carriers. Transportation Secretary Pete Buttigieg said the department also would look into complaints about Delta customer service during the outage, including long waits for help and reports that unaccompanied minors were stranded at airports.

In its lawsuit, Delta alleges that the outage was caused by CrowdStrike’s failure to test the update before its global rollout. During the peak summer vacation season, Delta canceled approximately 7,000 flights over five days. The outage also impacted banks, hospitals, and various other businesses.

“CrowdStrike caused a global catastrophe by cutting corners, taking shortcuts, and bypassing the testing and certification processes it promoted for its own benefit and profit,” Delta stated in the lawsuit, filed in Fulton County Superior Court in Georgia, close to the company’s headquarters.

A spokesperson for CrowdStrike mentioned that the company attempted to resolve the dispute, with one of its lawyers indicating in August that CrowdStrike’s liability to Delta was less than $10 million.

The spokesperson stated that Delta’s claims are rooted in “misinformation, show a lack of understanding of modern cybersecurity, and represent a desperate effort to deflect blame for its slow recovery from its failure to modernize its outdated IT infrastructure.”