CrowdStrike, a cybersecurity firm, filed a lawsuit against Delta Air Lines in U.S. District Court in Georgia on Monday. The lawsuit follows a faulty software update that caused a global outage in July.
On July 19, the incident resulted in widespread flight cancellations and affected various industries, including banking, healthcare, media, and hospitality. CrowdStrike aims to clarify that it did not cause the damages Delta claims. The lawsuit highlights that Delta consistently declined assistance from both CrowdStrike and Microsoft. Delta has not yet commented on the lawsuit.
CrowdStrike seeks a declaratory judgment and reimbursement for legal fees. In contrast, Delta’s lawsuit, filed on Friday in Fulton County Superior Court, labeled the software update from CrowdStrike as “catastrophic.” Delta accused CrowdStrike of forcing untested and faulty updates onto customers, which led to crashes of over 8.5 million Microsoft Windows-based computers globally.
Delta reported that the faulty update triggered 7,000 flight cancellations, disrupted travel for 1.3 million customers, and cost the airline more than $500 million. CrowdStrike’s lawsuit, also filed on Friday, emphasized that Delta’s own response and technology delays contributed to the airline’s inability to restore normal operations. CrowdStrike maintained its position of minimal liability, a claim Delta rejected.
Delta asserts that CrowdStrike is responsible for over $500 million in direct losses, as well as for unspecified lost profits, expenditures—including legal fees—reputational harm, and future revenue loss.
The incident prompted the U.S. Transportation Department to initiate an investigation. Delta’s lawsuit states, “If CrowdStrike had tested the faulty update on even one computer before deployment, the computer would have crashed.” Delta also pointed out its significant investments in information technology licensing and infrastructure. Last month, a senior CrowdStrike executive issued an apology before Congress regarding the faulty software update.
