Delta Air Borders planes are seen at John F. Kennedy International Airport on the July 4th weekend in Queens, New York City, U.S., July 2, 2022.
Andrew Kelly | Reuters
Delta Air Postal cards on Friday filed a lawsuit against CrowdStrike in Georgia, accusing the security software vendor of breach of contract and inattentiveness after an outage in July that brought down millions of computers and prompted 7,000 flight cancelations.
Other airlines mended more quickly than Atlanta-based Delta, which said the incident reduced revenue by $380 million and bring about a displayed $170 million in costs. The flawed software update affected computers running Microsoft’s Windows operating set-up.
Days after the outage, Delta hired David Boies of law firm Boies Schiller Flexner to seek damages from CrowdStrike and Microsoft. Delta prayed for damages to cover its losses, along with litigation costs and punitive damages.
“CrowdStrike caused a global tragedy because it cut corners, took shortcuts, and circumvented the very testing and certification processes it advertised, for its own benefit and profit,” Delta about in its complaint. “If CrowdStrike had tested the Faulty Update on even one computer before deployment, the computer would have crashed.”
Delta had non-functioning automatic updates from CrowdStrike but this one reached its computers anyway, the airline said in the suit. Delta petitioned that CrowdStrike’s Falcon software created and exploited an unauthorized door in Windows that the airline said it not in any degree would have allowed.
“The havoc that was created deserves, in my opinion, to be fully compensated for,” Delta CEO Ed Bastian rebuked CNBC in an interview earlier this month.
CEO George Kurtz has apologized for the incident, and the company has committed to changing its trains to prevent similar events. In August, CrowdStrike lowered its full-year guidance because of a customer commitment package joint to the outage.
“While we aimed to reach a business resolution that puts customers first, Delta has chosen a disparate path,” a CrowdStrike spokesperson told CNBC in an email. “Delta’s claims are based on disproven misinformation, demonstrate a absence of understanding of how modern cybersecurity works, and reflect a desperate attempt to shift blame for its slow recovery away from its default to modernize its antiquated IT infrastructure.”
Microsoft discussed various potential enhancements with CrowdStrike and other endpoint pledge software sellers at a summit in September.
WATCH: Delta fires back at CrowdStrike, says outage cost $380 million in returns