iscover
A class action by Delta passengers whose flights were affected by last year’s CrowdStrike outage will go ahead, a US federal judge has ruled.
The international IT shutdown in July 2024 — dubbed the world’s biggest ever — was caused by a bungled software update issued by the cyber security provider.
This content is available exclusively to Australian Aviation members.
A monthly membership is only $5.99 or save with our annual plans.
- Australian Aviation quarterly print & digital magazines
- Access to In Focus reports every month on our website
- Unlimited access to all Australian Aviation digital content
- Access to the Australian Aviation app
- Australian Aviation quarterly print & digital magazines
- Access to In Focus reports every month on our website
- Access to our Behind the Lens photo galleries and other exclusive content
- Daily news updates via our email bulletin
- Unlimited access to all Australian Aviation digital content
- Access to the Australian Aviation app
- Australian Aviation quarterly print & digital magazines
- Access to In Focus reports every month on our website
- Access to our Behind the Lens photo galleries and other exclusive content
- Daily news updates via our email bulletin
The update caused blue screens to appear on Microsoft-operated systems, which prevented many firms from accessing their internet-based ‘cloud’ services. For airlines, this particularly impacted boarding, check-in and baggage data.
CrowdStrike took responsibility for the incident, and airlines largely recovered quickly thanks to the cybersecurity firm’s quick action. However, Delta Air Lines suffered longer delays as its systems required a manual fix per device.
The airline then filed a lawsuit against CrowdStrike for US$500 million, to which CrowdStrike responded with a lawsuit of its own, claiming that the slow recovery was the fault of Delta Air Lines’ own systems.
“Delta’s claims are based on disproven misinformation, demonstrate a lack of understanding of how modern cybersecurity works, and reflect a desperate attempt to shift blame for its slow recovery away from its failure to modernise its antiquated IT infrastructure.”
Now, US District Judge Mark Cohen has said that a lawsuit filed by Delta Air Lines customers who were denied full refunds for their cancelled and delayed flights will proceed.
Delta Air Lines had previously sought the claims to be dismissed, except for one by an international traveller under the Montreal Convention. Cohen said that five of the nine plaintiffs may pursue breach of contract claims, and a different group were able to pursue claims under the Montreal Convention.
“This ruling is a major step forward for Delta passengers seeking accountability,” said one of the plaintiffs’ lawyers, Joseph Sauder.
The remaining four plaintiffs had their claims dismissed, with Cohen saying they were dealt with by federal legislation.
John Brennan, one of the plaintiffs whose claim was dismissed, says that he was offered only $219.45 in compensation, despite him and his wife missing a $10,000 anniversary cruise due to being stranded.
Delta attempted to dismiss the case under the Airline Deregulation Act of 1978, which removed government control over airline fares, market entry and routes. Cohen ruled in favour of the dismissal.
The plaintiffs also alleged that CrowdStrike reached out to Delta to offer assistance in dealing with the outage “within hours of the incident” and that even chief executive George Kurtz reached out to Delta Airlines CEO Ed Bastian to provide assistance, but Delta declined or did not respond.
Delta Air Lines said the outage cost it $550 million in revenue and other costs, but it saved $50 million in fuel.
