Delta Air Lines planes are seen at John F. Kennedy International Airport on the July 4 weekend in Queens, New York City, US, July 2, 2022.
Andrew Kelly | Reuters
Delta Airlines On Friday, a lawsuit was filed against Crowd Strike In Georgia, a security software vendor is charged with breach of contract and negligence after a power outage in July, which knocked out millions of computers and forced the cancellation of 7,000 flights.
Other airlines recovered more quickly than Atlanta-based Delta, which said the incident reduced revenue by $380 million and brought costs of $170 million. Impact of the defective software update on Microsoft Windows computers.
Days after the power outage, Delta hired David Boies of the law firm Boies Schiller Flexner to seek damages from CrowdStrike and Microsoft. Delta sought damages to cover its losses, along with litigation costs and punitive damages.
“CrowdStrike caused a global catastrophe because it cut corners, took shortcuts, and circumvented the testing and certification processes it advertised, for its own benefit and profit,” Delta said in its complaint. “If CrowdStrike tests the wrong update on a single computer even before deployment, the computer will crash.”
Delta disabled automatic updates from CrowdStrike but that update reached its computers anyway, the airline said in the lawsuit. Delta alleged that CrowdStrike's Falcon software created and exploited an unauthorized door in the Windows operating system that the airline said it would never have allowed.
“The devastation that has been done deserves, in my opinion, to be fully compensated for,” Delta CEO Ed Bastian told CNBC in an interview earlier this month.
CEO George Kurtz apologized for the incident, and the company committed to changing its practices to prevent similar events. In August, CrowdStrike lowered its full-year guidance due to a customer compliance package related to service outages.
“While we aimed to achieve a business solution that put customers first, Delta chose a different path,” a CrowdStrike spokesperson told CNBC in an email. “Delta’s claims are based on unsubstantiated misinformation, demonstrate a lack of understanding of how modern cybersecurity works, and reflect a desperate attempt to shift blame for its slow recovery away from its failure to modernize its aging IT infrastructure.”
Microsoft discussed several potential improvements with CrowdStrike and other endpoint security software vendors at a summit in September.
WATCH: Delta responds to CrowdStrike, says outage costs $380 million in revenue