- Delta Airlines has sued CrowdStrike for negligence which led to the global Microsoft outage on 19th July.
- The $500 million lawsuit seeks to recover losses in revenue of $380 million and additional costs of $170 million.
- CrowdStrike has called the claims misinformed.
Delta Airlines has filed a lawsuit against CrowdStrike, accusing it of negligence and breach of contract, which led to financial losses for the airlines. What is now being called a Black Swan event, a bug in a CrowdStrik update led to the crashing of 8.5 million Microsoft devices globally.
Airline companies were one of the worst-hit sectors, leading to thousands of flight cancellations. Delta Airlines was also caught up in the whirlpool. It has now decided to sue CrowdStrike.
As per the company, its revenue was reduced by $380 million and it had to incur an additional cost of $170 million to recover from the system outages. More than 7,000 flights were canceled in the process, affecting 1.3 million passengers.
Delta has accused CrowdStrike of taking shortcuts and ignoring testing and certification processes for its profit. It said that if the company had deployed the update on a single computer first, it would have known of the bug. This could have prevented the catastrophe that followed.
Another claim made by Delta is that the CrowdStrike update was executed on its system even though the company had blocked automatic updates. As per the airline, the software created and exploited an unauthorized door in Windows.
‘The havoc that was created deserves, in my opinion, to be fully compensated for’ – Delta CEO Ed Bastian
CrowdStrike apologized for the outage and assured that nothing of this sort would happen in the future. Microsoft also hosted a Security Summit on September 10th, where it shared its learnings from the incident and ways to bolster system security.
CrowdStrike’s Response
CrowdStrike came down hard on Delta in its response. It called the lawsuit a desperate attempt from Delta to shift blame for its own shortcomings. As per the IT company, Delta has failed to upgrade its IT infrastructure, which it described as ‘antique’
Now, this claim does have some substance in it.
Delta had an outage in August 2018, which led to more than 2,300 flight cancellations and losses of around $150 million – this had nothing to do with CrowdStrike though.
This hints that there might be technological issues within the company which need to be addressed for good. But ever since this incident, Delta has invested heavily in IT infrastructure and claims to have one of the best technologies in the airline industry.
‘While we aimed to reach a business resolution that puts customers first, Delta has chosen a different path’ – CrowdStrike
As per CrowdStrike’s claims, it reached out to Delta for an out-of-court settlement after the incident. However, it didn’t receive any response from the airline. CrowdStrike also said that Delta doesn’t have an understanding of how the cybersecurity space works, which is why its lawsuit is ridden with misinformation.
It remains to be seen how this lawsuit unfolds and whether courts hold the IT company liable for the catastrophe.