CrowdStrike, the company behind the software that caused the largest IT outage in history has been hit with a lawsuit by Delta Airlines, after the IT outage caused millions of Windows machines to be thrown into boot loops and as a result, Delta lost hundreds of millions of dollars.
It was back in early August that Delta Airlines CEO sat down for an interview and fired off accusations at CrowdStrike for its catastrophic IT failure. For those that don't know, CrowdStrike is a cybersecurity company that provides security solutions that operate within the kernel of Windows machines. CrowdStrike rolled out an update to its Falcon sensor (the company's cybersecurity software), and since this update contained a faulty driver, approximately 8.5 million Windows machines around the world were thrown into bootloops that required in-person remediation.
Delta Airlines was hit the hardest of any airline, and according to the company's CEO, the airline had to manually reset 40,000 servers and cancel more than 7,000 flights. In early August, the company's CEO said it hired a new legal team to pursue damages from CrowdStrike as it claims it has sustained approximately $500 million in damages from the outage.
The new lawsuit against CrowdStrike was filed in Georgia and states Delta's revenue reduced by $380 million and brought $170 million in costs. Additionally, reports indicate Delta had disabled automatic updates from CrowdStrike, but the faulty update reached the airline's systems anyway.
"CrowdStrike caused a global catastrophe because it cut corners, took shortcuts, and circumvented the very testing and certification processes it advertised, for its own benefit and profit," Delta said in its complaint. "If CrowdStrike had tested the Faulty Update on even one computer before deployment, the computer would have crashed."
"While we aimed to reach a business resolution that puts customers first, Delta has chosen a different path," a CrowdStrike spokesperson told CNBC in an email. "Delta's claims are based on disproven misinformation, demonstrate a lack of understanding of how modern cybersecurity works, and reflect a desperate attempt to shift blame for its slow recovery away from its failure to modernize its antiquated IT infrastructure."