ATLANTA- Delta Air Lines (DL) is advancing a lawsuit against cybersecurity firm CrowdStrike following a July 2024 outage that caused 7,000 flight cancellations. The incident, which paralyzed operations at major hubs like Hartsfield-Jackson Atlanta International Airport (ATL), is alleged to have stemmed from a faulty software update.
The carrier has received judicial approval to pursue claims of gross negligence and computer trespass, holding CrowdStrike (based in Austin, Texas) responsible for significant business and operational losses during the global IT disruption.
Photo: Scarlet Sappho | FlickrDelta Can Sue Crowdstrike
Fulton County Superior Court Judge Kelly Lee Ellerbe has ruled that Delta Air Lines may proceed with substantial portions of its lawsuit against cybersecurity vendor CrowdStrike.
The lawsuit stems from a July 19, 2024, incident in which a flawed update to CrowdStrike’s Falcon software led to a massive outage, impacting over 8 million Microsoft Windows-based systems globally.
Delta asserts this failure was due to gross negligence, claiming the bug could have been caught through basic testing on a single computer before deployment.
Delta alleges that CrowdStrike’s internal failure directly resulted in widespread disruption, forcing the airline to cancel 7,000 flights and affecting the travel plans of approximately 1.4 million passengers.
According to the airline, the outage inflicted $550 million in lost revenue and added costs, though offset slightly by $50 million in fuel savings due to the reduced flight activity.
Judge Ellerbe also allowed the airline to pursue a computer trespass claim and a narrowed accusation that CrowdStrike misrepresented its software by allegedly installing an unauthorized back door into Delta’s systems.
CrowdStrike has acknowledged fault at a high level, with its president reportedly stating that the company did something “horribly wrong.”
Photo: Clément AlloingLegal and Financial Ramifications
Delta filed its lawsuit three months after the outage, seeking accountability and compensation from CrowdStrike.
While the case continues in Georgia Superior Court under docket number 24CV013621, CrowdStrike has publicly stated that it believes the claims will either be dismissed or limited to modest financial damages under state law.
Simultaneously, Delta is also facing its own legal challenges. On May 6, 2025, a federal judge ruled that the airline must face a proposed class action lawsuit. This case was brought by passengers who allege that Delta unlawfully denied full refunds for disrupted travel during the outage.
Although other airlines were affected by the software failure, Delta experienced the most prolonged and severe consequences. Recovery for competitors was comparatively swift, intensifying scrutiny of how Delta’s systems were impacted.
The case highlights increasing vulnerabilities in airline operations stemming from third-party technology providers. As aviation systems become more digitized, the legal and financial burden of cybersecurity failures could shift significantly.
Delta’s action may set a precedent for how airlines seek redress for vendor-related disruptions, especially those resulting in major service outages.
Industry analysts and legal experts are watching the case closely, as it may influence future contracts and liability clauses between airlines and tech providers. The outcome could redefine accountability standards within both the aviation and cybersecurity sectors.
Stay tuned with us. Further, follow us on social media for the latest updates.
Join us on Telegram Group for the Latest Aviation Updates. Subsequently, follow us on Google News
Delta Air Lines Sued By 3-Year Old Daughter’s Father Over Medical Emergency
The post Delta May Sue Crowdstrike Over Outage Leading to 7,000 Canceled Flights appeared first on Aviation A2Z.
