CrowdStrike Outage Fallout: 5 New Developments

Matters related to the widely felt July 19 outage have begun shifting into the legal sphere this week.

Matters related to the widely felt July 19 outage caused by a faulty CrowdStrike update have begun shifting into the legal sphere this week.

And this is where things are likely to remain for some time, according to a Wall Street analyst. CrowdStrike, however, has contended that it has the financial resources to withstand potential legal action over the incident.

CrowdStrike’s preliminary review found that a bug in its validation process for security configuration updates to its Falcon platform resulted in the outage to 8.5 million Microsoft Windows devices, leading to global disruptions for air travel, health care and business.

What follows are five new developments in the CrowdStrike outage fallout.

Shareholders Propose Class-Action Suit

CrowdStrike shareholders are reportedly proposing a class-action lawsuit in the wake of the outage and massive drop in stock price for the vendor.

The proposed lawsuit, led by the Plymouth County Retirement Association in Massachusetts, was filed Tuesday in a federal court in Texas, according to a Reuters report. The lawsuit accuses CrowdStrike of having provided misleading information about its testing practices prior to the outage, the report said.

“We believe this case lacks merit and we will vigorously defend the company,” CrowdStrike said in a statement responding to the proposed lawsuit.

CRN has reached out to the Plymouth County Retirement Association for comment.

As of late morning EDT Thursday, CrowdStrike’s stock price was down 2.7 percent to $225.73 a share. Shares in the company have fallen about 34 percent from the vendor’s closing price of $343.05 a share on July 18, the day before the outage.

Delta Seeking To ‘Make Certain We Get Compensated’

In other potential legal action, Delta CEO Ed Bastian suggested the airline does indeed have plans to pursue a lawsuit against CrowdStrike, as reported earlier this week.

During a CNBC interview, Bastian answered that “we have no choice” after being asked about the potential for a lawsuit.

“We’re not looking to wipe them out, but we’re looking to make certain that we get compensated,” he said.

Delta cancelled thousands of flights in the days after the outage began, and its total bill related to the incident—including both cancellations and customer compensation such as hotels—reached $500 million, according to Bastian.

“We are aware of the reporting, but have no knowledge of a lawsuit and have no further comment,” CrowdStrike said in a statement.

CrowdStrike Says It Can Withstand Legal Action

On the FAQ section of the company’s Remediation and Guidance Hub site, CrowdStrike has said it continues to enjoy “financial strength” in the wake of the outage — noting that as of the end of April, it had $3.7 billion in cash and cash equivalents.

CrowdStrike also saw cash flow of more than $1 billion during the 12-month period that ended April 30, “which we believe will enable us to continue investing in the business and cover potential legal liabilities,” the company said on the page.

The vendor added that its insurance policies “are intended to mitigate the potential impact of certain claims,” as well.

CrowdStrike has reported having nearly 30,000 customers, though it’s unclear how many were impacted in the outage. The incident has cost U.S. Fortune 500 companies $5.4 billion in total direct financial loss, according to an estimate from cloud monitoring and insurance firm Parametrix.

More Legal Action Is Likely, Analyst Says

Additional organizations can be expected to consider legal action against CrowdStrike over its defective update going forward, according to Joseph Gallo, senior vice president at Jefferies.

“We expect other companies impacted by the IT outage could potentially follow suit (helps with image to customers of impacted companies), creating further headline-risk in the near-term,” Gallo wrote in a note to investors.

Jefferies expects “little churn” based on customer checks, but the firm’s analysts have also reduced their ARR (annual recurring revenue) estimates for CrowdStrike by 1 percent for the vendor’s fiscal 2025 and fiscal 2026.

“We don't expect CRWD to have to reimburse customers for the outage, but the litigation cost & distraction (CEO appearing before Congress) will certainly weigh,” Gallo wrote.

CrowdStrike’s Windows Sensors Are Restored

CrowdStrike said 99 percent of Windows sensors for its Falcon platform have now been brought back online following the outage, with normal variance likely accounting for the remaining 1 percent.

In an update to its Remediation and Guidance Hub site posted Wednesday, the cybersecurity vendor said that “using a week-over-week comparison, ~99% of Windows sensors are online as of July 29 at 5pm PT, compared to before the content update.” Additionally, “we typically see a variance of ~1% week-over-week in sensor connections,” the company noted.

That represents an improvement from July 25, when CrowdStrike CEO George Kurtz disclosed that more than 97 percent of Windows sensors for Falcon were online.