Delta is suing CrowdStrike over outages that caused $500 million in losses

Delta Air Lines has filed a lawsuit against the cybersecurity giant CrowdStrike on Friday, seeking massive damages for a catastrophic technology outage that crippled the carrier’s operations this summer and resulted in more than $500 million in losses.

The lawsuit, filed in Fulton County Superior Court near DeltaAtlanta headquarters, stems from an incident in July when a faulty CrowdStrike software update was triggered widespread system failuresincluding the infamous “blue screen of death” on Windows computers around the world, according to Associated Press.

The Delta lawsuit alleges the cybersecurity company’s negligence in releasing an untested system. Microsoft the computer update resulted in the cancellation of approximately 7,000 flights over five days during the peak summer season. The airline is seeking both compensatory and punitive damages, saying the company’s actions caused widespread disruption during one of the busiest travel times of the year.

The impact of the July incident extended far beyond aviation, affecting emergency services in six states, including AlaskaArizona, Indiana, Minnesota, New Hampshire and Ohio.

The outage also disrupted major financial institutions, with the London Stock Exchange reporting that the Regulatory News Service experienced “global third-party technical issues”. Several Australian banks also reported operational problems. Media organizations have also felt the impact, with UK’s Sky News and BBC channels temporarily forced out of the air.

The CEO of CrowdStrike George Kurtz confirmed that the outage resulted from “a flaw found in a single content update for Windows hosts” rather than a security breach or cyber attack.

Microsoft acknowledged the issue on its platform, stating that “the affected update has been withdrawn by CrowdStrike” and directed affected customers to seek further assistance from the cybersecurity firm.

In response to the lawsuit, a CrowdStrike spokesperson said Newsweek: “While we sought to reach a business resolution that put customers first, Delta chose a different path. Delta’s claims are based on debunked misinformation, demonstrate a lack of understanding of how modern cybersecurity works, and reflect a desperate attempt to shift blame for its slow recovery from a failure to modernize its aging IT infrastructure.”

Newsweek reached out to Delta Airlines via email on Saturday for comment.

CrowdStrike shares fell more than 20 percent in early trading after the July blackout, falling from $343.05 to $273 before recovering slightly to $301.97 per share. Microsoft shares also suffered, falling more than three percent to $426 before settling at $434.80 during the busy summer travel season.

Previous attempts to resolve the dispute have failed. The cybersecurity company’s legal team had suggested in August that the company’s liability to Delta should not exceed $10 million — a figure that stands in stark contrast to the airline’s reported losses of more than $500 million in additional revenue and expenses.

The US Department of Transportation (DOT) launched an investigation into Delta’s significantly slower recovery compared to other affected organizations.

Secretary of Transportation Pete Buttigieg announced that the investigation will include customer service complaints, including reports of stranded unaccompanied minors and excessive wait times for crisis assistance.