Delta is suing cybersecurity firm CrowdStrike over a technology outage that canceled flights

Delta Air Lines sued CrowdStrike on Friday, alleging the cybersecurity company cut corners and caused a worldwide technology outage that led to the cancellation of thousands of flights in July.

The airline is seeking compensatory and punitive damages over the outage, which began with a faulty update sent to several million Microsoft computers. Delta said the outage paralyzed its operations for several days, costing more than $500 million in lost revenue and additional expenses.

CrowdStrike said Delta is providing “misinformation,” doesn’t understand cybersecurity and is trying to shift blame for the slow recovery from the outage.

The US Department of Transportation is investigating why Delta took longer to recover than other carriers. Transportation Secretary Pete Buttigieg said the department will also look into complaints about Delta’s customer service during the outage, including long waits for help and reports of unaccompanied minors being stranded at airports.

In its lawsuit, Delta claims the outage occurred because CrowdStrike failed to test the update before rolling it out worldwide.

Delta canceled about 7,000 flights over a five-day period during the peak summer holiday season. The outage also affected banks, hospitals and other businesses.

“CrowdStrike caused a global catastrophe because it cut corners, took shortcuts, and bypassed the testing and certification processes it promoted for its own benefit and profit,” Delta said in the lawsuit, which was filed at Fulton County Superior Court of Georgia. near the company headquarters.

A CrowdStrike spokesman said the company was trying to resolve the dispute — one of its lawyers said in August that CrowdStrike’s liability to Delta was less than $10 million.

The spokesperson said Delta’s claims are based on “misinformation, demonstrate a lack of understanding of how modern cyber security works and reflect a desperate attempt to shift the blame for the slow recovery from its failure to modernize its IT infrastructure outdated”.