Atlanta, Georgia: Delta Air Lines has secured a key legal victory in its lawsuit against cybersecurity firm CrowdStrike, after a Georgia state judge ruled the airline can pursue the majority of its claims over a July 2024 computer outage that led to the cancellation of approximately 7,000 flights.
Judge Kelly Lee Ellerbe of the Fulton County Superior Court ruled on Friday that Delta may attempt to prove CrowdStrike’s gross negligence in deploying a defective update of its Falcon cybersecurity software. The update reportedly crashed over 8 million Microsoft Windows-based systems worldwide, severely disrupting airline operations and air travel across the globe.
“Delta has specifically pled that if CrowdStrike had tested the July update on one computer before its deployment, the programming error would have been detected,” Judge Ellerbe wrote in her decision. She also referenced a public statement from CrowdStrike’s president, who admitted the company had done something “horribly wrong.”
In addition to the gross negligence claim, the judge allowed Delta to proceed with a claim of computer trespass. The airline may also pursue a narrowed allegation that CrowdStrike made fraudulent assurances that it would not introduce an “unauthorized back door” into Delta’s computer systems.
The case stems from a widespread IT disruption on July 19, 2024, which Delta says affected 1.4 million passengers and caused $550 million in financial damage due to lost revenue and increased operational costs—partially offset by $50 million in fuel savings.
CrowdStrike’s attorney, Michael Carlinsky, expressed confidence in the company’s legal position, stating on Monday that he believes the court will ultimately dismiss the claims or cap potential damages in line with Georgia law, limiting them to the “single-digit millions of dollars.”
Also Read | Banff G7 Meeting Confronts U.S. Demands and Global Trade Frictions
Delta, headquartered in Atlanta, filed its lawsuit three months after the outage, naming Austin-based CrowdStrike as the primary defendant. The airline welcomed the court’s ruling, reaffirming its confidence in the strength of its case.
While other airlines were also impacted by the Falcon software failure, they reportedly recovered operations more swiftly than Delta. The ripple effects, however, contributed to global delays and cancellations.
Also Read | Lai Ching-te: Taiwan Seeks Peace but Must Stay Battle-Ready
Separately, Delta is also facing a proposed class-action lawsuit from passengers who claim the airline unlawfully denied full refunds after the travel disruption. In early May, a federal judge in Atlanta allowed that case to proceed.
The ongoing legal saga underscores the far-reaching consequences of cybersecurity failures in modern aviation and could influence how airlines and service providers handle liability in future tech-driven disruptions.
Case Information:
Delta Air Lines Inc v CrowdStrike Inc, Georgia Superior Court, Fulton County, No. 24CV013621
