CrowdStrike has moved to dismiss Delta Air Lines’ lawsuit regarding the July cybersecurity outage, claiming that Delta is trying to bypass the terms of the contract between the two companies.
Delta’s lawsuit stems from the outage that caused flight cancellations and stranded passengers, according to CNBC.
CrowdStrike argues that the lawsuit is improper and seeks dismissal based on the contractual agreement in place.
CrowdStrike’s defense against Delta’s lawsuit centers on a clause in their agreement that limits the cybersecurity provider’s liability and caps damages.
It asserts that Delta is attempting to bypass these terms. Additionally, CrowdStrike contends that under Georgia law, Delta cannot reframe a breach of contract issue as tort claims, further supporting its motion to dismiss the lawsuit.
“As an initial matter, Georgia’s economic loss rule specifically precludes Delta’s efforts to recover through tort claims the economic damages it claims to have suffered,” CrowdStrike stated.
Delta claims that the July cybersecurity outage cost the company over $500 million in canceled flights, refunds, and passenger accommodations, and is seeking to recover these expenses through the lawsuit against CrowdStrike.
However, the damage to Delta’s reputation as a premium carrier is difficult to quantify at this stage, and the effects of a Department of Transportation investigation into the outage remain uncertain.
Despite the July cybersecurity outage, Delta continues to rely on CrowdStrike’s services. This is likely because switching cybersecurity providers in a large and complex system like Delta’s is a challenging and time-consuming process.
Still, CrowdStrike said it moved quickly to try and help Delta — offers the cybersecurity company says were rebuffed. “We are good for now,” one message from a Delta executive cited by CrowdStrike read.
CrowdStrike stated that its executives were in close contact on the day of the outage, suggesting active involvement in addressing the situation as it unfolded.
“Delta repeatedly rebuffed any assistance from CrowdStrike or its partners,” CrowdStrike wrote.
CrowdStrike argues that Delta’s internal practices and systems, not the outage itself, caused the widespread delays and cancellations.
“Delta was an outlier. Although Delta acknowledges that it took just hours—not days—for Delta employees to” remediate the outage, CrowdStrike wrote in its filing, “cancellations far exceeded the flight disruptions its peer airlines experienced.”
A spokesperson for Delta was unavailable for comment.
