Tuesday, 7 October 2025
28.1 C
Singapore
27.5 C
Thailand
19.6 C
Indonesia
27.9 C
Philippines

Delta Air Lines seeks damages from CrowdStrike and Microsoft over a software outage

Delta Air Lines hires lawyer David Boies to seek compensation from CrowdStrike and Microsoft for the July 19 outage that caused flight cancellations.

Delta Air Lines is gearing up to demand compensation following an outage that caused chaos worldwide, impacting the airline significantly.

According to a report by CNBC on Monday, the carrier has brought on board renowned lawyer David Boies to seek damages from CrowdStrike and Microsoft for the July 19 computer outage that forced Delta to cancel around 6,000 flights.

David Boies has an impressive legal background, representing high-profile figures such as Theranos founder Elizabeth Holmes, Al Gore in the 2000 presidential election, and the US government in a landmark antitrust case against Microsoft in 1998.

Delta’s compensation plans

Although no lawsuit has been filed, Delta plans to pursue compensation from CrowdStrike and Microsoft, as reported by CNBC.

Delta’s stock remained relatively unchanged at the close of Monday’s trading, but CrowdStrike saw a 5.5 per cent decline in after-hours trading.

Earlier this month, CrowdStrike caused global business disruptions after a defect in a software update from the cybersecurity firm led to the shutdown of numerous Microsoft computer systems.

Analysts predict that Delta, one of the hardest-hit airlines, will face an earnings loss of between US$350 million and US$500 million this quarter due to reputational damage and ticket refunds, according to a Bloomberg report last week.

However, legal experts suggest that Delta and its Boies-led lawyers might need help to secure significant compensation from CrowdStrike. The terms and conditions of CrowdStrike’s services state that the firm is only liable for refunds and limits liability to “fees paid.” This means that if Delta or other companies seek damages for losses, CrowdStrike would only be required to refund the cost of the software.

CrowdStrike’s limited liability

Elizabeth Burgin Waller, chair of the Cybersecurity & Data Privacy practice at Woods Rogers, pointed out that CrowdStrike’s liability is limited to the fees paid for its Falcon security software, widely used by companies and government agencies globally.

This limitation means that companies like Delta may not receive much compensation for damages or lost revenue. Even individuals seeking damages through class action lawsuits against CrowdStrike might face significant challenges.

Mauricio Sanchez, a senior director at the tech market research firm Dell’Oro Group, expressed doubt that CrowdStrike would be required to pay much, if any, compensation. “While it will be a miserable summer for CrowdStrike lawyers, as they defend themselves from customers with torches and pitchforks, I don’t see CrowdStrike having to pay much, if any, compensation,” Sanchez told the trade publication Fierce Network last week.

Precedents and future implications

A recent case involving a hacking incident, rather than a software update issue, provides some precedent for how large customers like Delta could fare in court. In 2020, hackers infiltrated Texas-based SolarWinds’ systems and inserted malicious code into the company’s software. This breach affected over 30,000 customers who received the compromised software updates, leading to extensive spying by hackers on companies and government organisations.

Earlier this month, a US judge dismissed most of a Securities and Exchange Commission lawsuit accusing SolarWinds of defrauding investors by concealing security weaknesses.

Given the customer agreements favouring CrowdStrike and the recent SolarWinds case, CrowdStrike may have a strong chance in court. Andrew Selbst, an assistant professor at UCLA School of Law, told Harvard Law Today that customers could sue over negligence, though these class action lawsuits are often complex to win.

Another possible consequence for CrowdStrike could be regulatory action, particularly from the Federal Trade Commission (FTC). “The FTC has a pattern of settling with these companies and keeping them under a consent decree for 20 years or so,” Selbst said. “But with the FTC, you don’t receive individual customers’ damages or compensation. This is just a regulatory regime, and they receive fines payable to the federal government.”

Hot this week

OpenAI and Jony Ive face setbacks in developing the first AI device

OpenAI and Jony Ive face technical challenges that may push their AI device’s launch beyond 2026.

Sharp launches new energy-efficient washing machines with no-holes tub technology

Sharp launches a new series of energy-efficient washing machines in Singapore, featuring exclusive no-holes tub technology and quiet performance.

Call of Duty: Black Ops 7 reveals full multiplayer details ahead of launch

Call of Duty: Black Ops 7 multiplayer brings fast futuristic combat, 18 maps at launch, and new customisation features ahead of 14 November release.

Hollow Knight: Silksong’s story comes close to perfection, but falters on focus

Hollow Knight: Silksong delivers a rich, ambitious story of faith and freedom, although Hornet’s lack of growth prevents it from achieving true greatness.

Ecovacs launches Deebot X11 OmniCyclone in Singapore with breakthrough PowerBoost cleaning

Ecovacs has launched the Deebot X11 OmniCyclone in Singapore, featuring PowerBoost Technology and hands-free cleaning with a dust-free station.

Canon’s Think Big series returns to help businesses build resilience in uncertain times

Canon’s Think Big Leadership Business Series returns on 22 and 23 October in Singapore to help companies build resilience amid global uncertainty.

Payment security experts to meet in Bangkok amid rising cyber threats in Asia-Pacific

Cybersecurity attacks across Asia-Pacific continue to pose serious risks...

Meta unveils Candle subsea cable and expands Asia-Pacific connectivity projects

Meta unveils Candle, the largest subsea cable in APAC, and updates Bifrost, Echo, and Apricot to boost regional and transpacific connectivity.

C-suite’s rush to adopt AI exposes critical security blind spots

A new Tenable report warns that outdated security strategies are leaving organisations exposed as AI adoption surges.

Related Articles