CrowdStrike Unlikely To Be Liable In Potential Delta Suit Over $500M Outage Loss: Analyst

However, additional companies beyond Delta can be expected to consider legal action against CrowdStrike over the massive July 19 outage, according to a Wall Street analyst.

It’s not expected that CrowdStrike will be found liable in a lawsuit that Delta is expected to file, though the distractions for the cybersecurity vendor are almost certain to continue following the massive July 19 outage, according to an equity analyst at Jefferies.

CRN has reached out to CrowdStrike for comment.

Delta CEO Ed Bastian said in a CNBC interview Wednesday that the outage cost the airline $500 million in lost revenue from cancelled flights, as well as from paying for hotels for customers and other customer compensation. When asked whether Delta planned to file a lawsuit over the outage, Bastian answered that “we have no choice.”

Delta, which was by far the hardest-hit airline in the CrowdStrike-caused outage, has hired well-known attorney David Boies from the law firm Boies Schiller Flexner to pursue compensation from both CrowdStrike and Microsoft over the incident, according to a previous CNBC report.

CrowdStrike previously said Tuesday it has “no knowledge of a lawsuit” but declined to comment further. Delta, Microsoft and Boies Schiller Flexner declined to comment.

Delta canceled nearly 7,000 flights over five days following the outage, CNBC reported.

“We don't believe CRWD will be held liable” in any potential legal action by Delta, wrote Joseph Gallo, senior vice president at Jefferies, in a note to investors Wednesday.

However, along with Delta, additional companies can be expected to consider legal action against CrowdStrike over its defective update, Gallo wrote.

“We expect other companies impacted by the IT outage could potentially follow suit (helps with image to customers of impacted companies), creating further headline-risk in the near-term,” he wrote.

Overall, CrowdStrike has reported having nearly 30,000 customers, though it’s unclear how many were impacted in total. The outage has cost U.S. Fortune 500 companies $5.4 billion in total direct financial loss, according to an estimate from cloud monitoring and insurance firm Parametrix.

Jefferies expects “little churn” based on customer checks, but the firm’s analysts have also reduced their ARR (annual recurring revenue) estimates for CrowdStrike by 1 percent for its fiscal 2025 and fiscal 2026.

“We don't expect CRWD to have to reimburse customers for the outage, but the litigation cost & distraction (CEO appearing before Congress) will certainly weigh,” Gallo wrote.

CrowdStrike’s stock price was up slightly, to $234.45 a share, shortly after 11 a.m. EDT Tuesday. Shares in the company remain down 31 percent compared to its closing price of $343.05 on July 18, the day before the outage.

The outage began July 19 after an update to CrowdStrike’s Falcon platform set off a “blue screen of death” scenario for 8.5 million devices worldwide. Global impacts ensued for air travel, health care and business, and experts have called it the largest IT outage of all time.

CrowdStrike CEO George Kurtz previously disclosed that 97 percent of Windows sensors for Falcon were online as of July 25.

In an interview with CRN, SentinelOne CEO Tomer Weingarten suggested that the CrowdStrike update seems to have “bypassed” Microsoft’s typical process for updating the Windows kernel, which is the core control center for the Windows operating system.

CrowdStrike has called Weingarten’s comments “inaccurate,” saying the Windows kernel update process “was followed.”

In its preliminary review of the incident, CrowdStrike found that a bug in its validation process for checking security configuration updates to its Falcon platform resulted in the outage, due to allowing a faculty update to be deployed, the company has said.