Airline customers impacted by a major outage that curtailed air travel in July 2024 are suing CrowdStrike, a well-known cybersecurity firm. On 19 July 2024, a flawed software update from CrowdStrike crashed over 8 million Windows computers worldwide. The incident led to widespread disruptions across various sectors, including banks, hospitals, and emergency lines.
The aviation industry was particularly hard hit, with thousands of flights delayed or canceled. As a result, passengers were stranded and scrambled to reach their destinations. Delta Air Lines, one of the most severely affected carriers, reported canceling more than 6,000 flights, resulting in an estimated cost of about $500 million. The airline is now dealing with over 176,000 refund or reimbursement requests. It is considering its own legal action against CrowdStrike.
Legal Action by Affected Passengers
In response to the chaos caused by the outage, a group of air travelers has filed a class-action lawsuit against CrowdStrike in the federal court of Austin, Texas. The plaintiffs allege that CrowdStrike’s negligence in testing and deploying its software led to the massive disruption. The lawsuit details the experiences of several affected passengers. California resident Julio del Rio, one of the plaintiffs, spent $1,200 on a new ticket to San Francisco after being stuck for 11 hours due to the cancellation of his trip from Hawaii to Los Angeles.
Sleeping on airport benches was painful and expensive. Moreover, he had to shell out extra money for ground transportation. Another plaintiff, Ohioan Jack Murphy, had a migraine the day after a flight cancelation badly disturbed his sleep cycle. The two men are pursuing monetary compensation and punitive penalties for all individuals affected by the flight disruption. They cite expenses incurred for lodging, meals, alternative travel arrangements, missed work, and health issues resulting from the ordeal.
CrowdStrike’s Response
CrowdStrike, founded in 2011 and headquartered in Austin, Texas, has established itself as a cloud-delivered endpoint and workload protection leader. The company has responded to the lawsuit in a statement to Axios, stating, “We believe this case lacks merit and we will vigorously defend the company.” Still, this is not the only legal challenge CrowdStrike is facing in the wake of the outage. The company is also dealing with a shareholder lawsuit filed on 31 July 2024. The lawsuit came after its stock price fell by about one-third following the incident.