(Photo by Mario Tama/Getty Images)
Delta Air Lines is suing CrowdStrike in a $500 million lawsuit that claims the cybersecurity firm "cut corners" in the interests of profit.
In July, an issue with an update to CrowdStrike's software caused Windows machines all across the world to experience the "Blue Screen of Death." This caused disruption and chaos across a variety of industries, covering everything from transportation to healthcare.
The filing, first reported by CNBC, alleges that CrowdStrike “cut corners, took shortcuts, and circumvented the testing and certification processes it advertised, for its benefit and profit.”
Delta says it was forced to cancel 7,000 flights, affecting 1.3 million passengers over five days, and that it has suffered reputational damage and loss of future revenue.
The airline says CrowdStrike’s Falcon software created and exploited an unauthorized door in Windows. Delta put the total damages at $170 million and reduced revenue at $380 million.
Many airlines across the world were impacted by the IT disaster, but CrowdStrike claims its operations were particularly impacted because upwards of 60% of its devices run Windows.
Delta argues that if Crowdstrike had tested the update on “even one computer before deployment, the computer would have crashed.”
However, CrowdStrike tells CNBC that the airline's "claims are based on disproven misinformation, demonstrate a lack of understanding of how modern cybersecurity works, and reflect a desperate attempt to shift blame for its slow recovery away from its failure to modernize its antiquated IT infrastructure."
Delta is not the only large organization taking legal action against CrowdStrike.
The Plymouth County Retirement Association demands the firm provide compensation for stock price losses it absorbed as an investor after the stock lost roughly 40% of its value.
The US Department of Transportation is also investigating the incident just a few days after it occurred, in the interest of ensuring that customers are being treated fairly.
Meanwhile, CrowdStrike's partner Microsoft has also joined the parties placing at least part of the blame on the cybersecurity firm. "Our preliminary review suggests that Delta, unlike its competitors, apparently has not modernized its IT infrastructure, either for the benefit of its customers or its pilots and flight attendants," a Microsoft lawyer told Reuters.
A team of consumers impacted by the delays to their flights is also banding together for a class-action lawsuit against CrowdStrike.