CrowdStrike called Delta’s lawsuit over the July 19 outage “far-fetched” and ultimately illegal under Georgia law. On Monday, the company asked a Georgia judge to dismiss almost all of the claims in the case.
In late October, Atlant-based Delta filed a lawsuit in Fulton County Superior Court, requesting large damages from CrowdStrike for the five-day IT breakdown and subsequent aircraft disruptions.
“As an initial matter, Georgia’s economic loss rule specifically precludes Delta’s efforts to recover through tort claims the economic damages it claims to have suffered,” CrowdStrike wrote.
According to Delta, the business lost almost $500 million in canceled flights, refunds, and customer accommodations due to the July cybersecurity incident. Through the lawsuit, it hopes to recover those expenses from CrowdStrike. However, neither the impact of a Department of Transportation inquiry into Delta for the outage nor the harm done to the airline’s standing as a premium carrier can yet be measured.
Challenging Lawsuit’s Basis
On Monday, CrowdStrike requested that a Georgia judge reject nearly all of the claims in Delta’s lawsuit over the July 19 outage, calling it “far-fetched” and ultimately unlawful under Georgia law.
Atlanta-based Delta sued CrowdStrike in Fulton County Superior Court in late October, seeking significant damages for the five-day IT failure and ensuing aircraft disruptions.
Delta claims the July cybersecurity issue cost the company about $500 million in lost revenue from canceled flights, refunds, and passenger accommodations. Through the lawsuit, it hopes to recoup those costs from CrowdStrike. However, neither the impact of a Department of Transportation inquiry into Delta for the outage nor the harm done to the airline’s standing as a premium carrier can yet be measured.
After the downtime, Delta still uses CrowdStrike services, probably because changing cybersecurity providers is very challenging for systems as big and complex as Delta’s.
Nevertheless, CrowdStrike said that it acted quickly to help Delta, despite offers that the cybersecurity firm says were rebuffed. One message from a Delta executive that CrowdStrike said, “We are good for now.” According to the cybersecurity firm, on the day of the outage, executives were in close communication.
“Delta repeatedly rebuffed any assistance from CrowdStrike or its partners,” CrowdStrike wrote.
CrowdStrike goes on to say that, in contrast to other industry peers who recovered from the outage far faster, Delta’s own procedures and systems were the cause of the extensive delays and cancellations.
“Delta was an outlier. Although Delta acknowledges that it took just hours—not days—for Delta employees to” remediate the outage, CrowdStrike wrote in its filing, “cancellations far exceeded the flight disruptions its peer airlines experienced.”
Following the outage, the stock of the cybersecurity company fell 44%. Even after reducing its guidance as a result of the incident, it has since mostly recovered from those losses and reported solid quarterly profits. The relative stickiness of CrowdStrike’s products has helped the company, particularly at large businesses.
