Delta Airlines has recently intensified its legal and public relations campaign against cybersecurity firm CrowdStrike, following a massive global network outage that disrupted its operations and resulted in significant financial losses. The airline has claimed that the outage, which began on July 19, was caused by a corrupted software update from CrowdStrike and led to at least $500 million in losses due to canceled flights and operational disruptions.
The fallout from the incident has been substantial. Delta, a major US carrier, had to cancel approximately 7,000 flights over a five-day period, from July 19 to July 24. This massive disruption impacted around 1.3 million customers, leading to a class-action lawsuit from affected passengers. The airline’s CEO, Ed Bastian, expressed frustration in a filing with the US Securities and Exchange Commission, labeling the situation as “unacceptable” and highlighting the severe impact on both customers and employees.
The root of the issue, according to Delta, was a corrupted software update issued by CrowdStrike, a company known for providing cybersecurity solutions. This update, Delta alleges, caused a global glitch that disrupted services not only for Delta but also for many other companies, including an estimated 8.5 million Windows devices worldwide, as reported by Microsoft. The disruption continued to affect Delta’s operations even after other airlines had restored their services.
In response, CrowdStrike has denied sole responsibility for the incident. The company contends that the issue was more complex and that Delta’s operational problems persisted even after other carriers had resumed normal operations. CrowdStrike has vowed to defend itself “aggressively” against any legal claims, describing Delta’s narrative as misleading.
Microsoft, which also faces criticism from Delta, has indicated that the problem may have been exacerbated by Delta’s outdated IT infrastructure. The tech giant has pointed out that its preliminary review suggests that Delta’s technology systems were not up to date, which may have contributed to the prolonged disruption. Microsoft has also rejected claims of responsibility for the flight cancellations, emphasizing that the issues were related to the software update and subsequent impact on scheduling systems used by many airlines.
The dispute has also brought to light the challenges faced by Delta in managing such crises. In addition to the lawsuits and public backlash, Delta has faced scrutiny from the US Department of Transportation over how it handled the situation and compensated affected passengers. The airline is accused of failing to provide adequate compensation and asking passengers to sign waivers that would release Delta from further legal claims.
The legal battle is further complicated by a lawsuit filed against CrowdStrike by its own shareholders. They have accused the company of making “false and misleading” statements about its software testing and response capabilities. This shareholder suit adds another layer of complexity to the ongoing saga, highlighting broader concerns about the cybersecurity firm’s operations and transparency.
As Delta Airlines and CrowdStrike continue to trade legal and public jabs, the full extent of responsibility for the outage remains under investigation. Both companies are preparing for a protracted legal fight, while passengers and stakeholders await clarity on how such a significant disruption occurred and who should bear the financial and reputational costs.
