CrowdStrike, Delta sue each other over flight disruptions

WASHINGTON : Cybersecurity firm CrowdStrike said on Monday it sued Delta Air Lines in U.S. District Court in Georgia after a faulty software update prompted a global outage in July.

The July 19 incident led to worldwide flight cancellations and hit industries including banks, healthcare, media companies and hotel chains.

CrowdStrike said it sued to make clear that CrowdStrike did not cause the harm that Delta claims, and that Delta repeatedly refused assistance from both CrowdStrike and Microsoft. Delta did not immediately comment on CrowdStrike's suit.

CrowdStrike is seeking a declaratory judgment plus legal fees.

Delta's lawsuit filed on Friday in Fulton County Superior Court called the faulty software update from CrowdStrike "catastrophic" and said the company "forced untested and faulty updates to its customers, causing more than 8.5 million Microsoft Windows-based computers around the world to crash."

Delta said the faulty update caused 7,000 flight cancellations, disrupted travel plans of 1.3 million customers and cost the carrier more than $500 million.

CrowdStrike's lawsuit, also filed on Friday, said Delta's own response and technology caused delays in the carrier's ability to resume normal operations.

CrowdStrike's lawsuit reiterated its contention that it has minimal liability, something Delta rejected.

Delta said CrowdStrike is liable for over $500 million in out-of-pocket losses as well as for unspecified lost profits, expenditures - including legal fees - reputational harm and future revenue loss.

The incident prompted the U.S. Transportation Department to open an investigation.

"If CrowdStrike had tested the faulty update on even one computer before deployment, the computer would have crashed," Delta's lawsuit says.

Delta said it has invested billions of dollars in information technology licensing and infrastructure.

Last month, a senior CrowdStrike executive apologized before Congress for the faulty software update.