On July 19, 2024, a faulty update to CrowdStrike’s Falcon cybersecurity software caused widespread disruptions, affecting over 8 million Microsoft Windows-based systems globally. Delta Air Lines was among the hardest hit, with the outage leading to the cancellation of approximately 7,000 flights and impacting the travel plans of 1.3 million passengers. The airline estimates the incident resulted in $550 million in losses, partially offset by $50 million in fuel savings.
Legal Proceedings
In October 2024, Delta filed a lawsuit against CrowdStrike in the Fulton County Superior Court, alleging gross negligence in the deployment of the defective software update. The airline contends that CrowdStrike failed to adequately test the update before release, leading to the catastrophic system failures.
On May 19, 2025, Judge Kelly Lee Ellerbe ruled that Delta could proceed with most of its claims, including those of gross negligence, computer trespass, and a narrowed fraud claim related to unauthorized software access.
CrowdStrike’s Response
CrowdStrike has denied the allegations, asserting that Delta’s claims are based on misinformation and a misunderstanding of modern cybersecurity practices. The company argues that Delta’s outdated IT infrastructure contributed significantly to the prolonged disruption and that other airlines recovered more swiftly from the outage
Passenger Class Action Lawsuit
In addition to the lawsuit against CrowdStrike, Delta faces a proposed class action from passengers who allege the airline unlawfully refused full refunds after the outage disrupted their travel plans. The lawsuit claims that Delta’s handling of the situation violated consumer protection laws and left many passengers stranded without adequate support.
Regulatory Scrutiny
The U.S. Department of Transportation has initiated an investigation into Delta’s response to the outage, focusing on the airline’s customer service practices and its failure to promptly restore operations. Transportation Secretary Pete Buttigieg emphasized the importance of airlines upholding passenger rights during such disruptions.
Implications for the Aviation Industry
This incident underscores the critical importance of robust cybersecurity measures and contingency planning within the aviation sector. As airlines increasingly rely on complex IT systems, ensuring the reliability and security of these systems is paramount to maintaining operational continuity and passenger trust.
Source: Reuters
