Delta Sues CrowdStrike Over Outage, Citing $500 Million Losses

Why Trust Techopedia
Key Takeaways

  • Delta Air Lines has filed a lawsuit against cybersecurity firm CrowdStrike, citing a $500 million loss due to a global outage in July.
  • The incident affected 1.3 million Delta customers and resulted in 7,000 canceled flights.
  • Delta claims that CrowdStrike's faulty software update caused the widespread crash of Microsoft Windows systems.

On October 25, Delta Air Lines filed a lawsuit against cybersecurity company CrowdStrike in Georgia, accusing the firm of causing a global outage in July that led to mass flight cancellations and significant financial losses. 

The outage, triggered by what Delta claims was a faulty software update, impacted millions of Windows-based systems worldwide. The disruption forced the Atlanta-based airline to cancel 7,000 flights, impacting the travel plans of 1.3 million passengers.

The financial fallout reportedly cost Delta over $500 million, with $380 million attributed to revenue loss and an additional $170 million in incurred costs.

The Impact and Delta Airlines’ Legal Argument

According to Delta’s filing in Fulton County Superior Court, CrowdStrike’s untested update had a “catastrophic” effect on Delta’s operations, leading to prolonged disruptions.

Although other airlines managed to recover quickly, Delta reported slower progress, attributing this to the software flaw.

Delta argues that CrowdStrike’s software failure undermined the company’s massive investment in IT infrastructure. The company alleges it neglected proper testing before deploying the update. 

The lawsuit seeks over $500 million in compensation for out-of-pocket losses, as well as future revenue loss and reputational damage.

The July 19 outage impacted the airline industry severely. But, it also extended to banks, healthcare providers, media outlets, and hotel chains globally.

Delta has been a customer of CrowdStrike since 2022, relying on its cybersecurity solutions.

However, Delta contends that CrowdStrike should bear responsibility for the disruption, noting that a properly tested update could have prevented the incident.

Delta hired high-profile attorney David Boies to lead its legal battle and recover its losses.

CrowdStrike’s Response and Ongoing Debate

CrowdStrike, on the other hand, disputes Delta’s claim, attributing the airline’s slow recovery to its outdated IT infrastructure rather than the faulty update alone.

CrowdStrike CEO George Kurtz has publicly apologized, acknowledging the incident’s impact and pledging to implement preventive measures.

The company also announced a financial commitment package to affected clients, which led to a lowered full-year guidance.

In response to Delta’s lawsuit, CrowdStrike emphasized its commitment to continuous improvement but questioned why Delta was more severely impacted than other organizations.