Delta sues CrowdStrike, blaming it for losses from canceled flights

ATLANTA, Georgia: Delta Air Lines has filed a lawsuit against cybersecurity firm CrowdStrike, blaming the company for a tech outage in July that canceled thousands of flights.

The airline is seeking compensation and punitive damages, alleging the outage stemmed from a faulty update CrowdStrike sent to millions of Microsoft computers. This update disrupted Delta's operations and led to over $500 million in losses.

According to Delta's lawsuit, CrowdStrike failed to properly test the update before rolling it out, resulting in a global issue that crippled the airline for several days during the busy summer travel season. The outage not only affected Delta but also impacted banks, hospitals, and other businesses worldwide. Delta, which canceled about 7,000 flights over five days, claims that CrowdStrike's shortcuts and failure to follow its own protocols caused the chaos.

"CrowdStrike caused a global catastrophe because it cut corners, took shortcuts, and circumvented the very testing and certification processes it advertised for its own benefit and profit," Delta said in the lawsuit, which was filed in Fulton County Superior Court in Georgia, near the company's headquarters.

CrowdStrike, however, has denied the allegations, arguing that Delta's claims are based on misinformation.

A spokesperson for CrowdStrike accused Delta of attempting to shift the blame for the slow recovery, which they attribute to the airline's outdated IT infrastructure. The company also said it tried to resolve the issue earlier, suggesting that its liability to Delta was less than $10 million.

"While we aimed to reach a business resolution that puts customers first, Delta has chosen a different path. Deltas claims are based on disproven misinformation, demonstrate a lack of understanding of how modern cybersecurity works, and reflect a desperate attempt to shift blame for its slow recovery away from its failure to modernize its antiquated IT infrastructure," the Crowdstrike spokesperson said. "We have filed for a declaratory judgment to make it clear that CrowdStrike did not cause the harm that Delta claims and they repeatedly refused assistance from both CrowdStrike and Microsoft. Any claims of gross negligence and willful misconduct have no basis in fact."

The U.S. Department of Transportation is investigating why Delta took longer to recover from the outage than other carriers. Secretary Pete Buttigieg also said the department would review complaints about Delta's customer service during the disruption, including reports of long wait times and unaccompanied minors being stranded at airports.