CrowdStrike Braces for Legal and Congressional Firestorm Following Global IT Meltdown
Sign up for ARPU: Stay ahead of the curve on tech news.
Cybersecurity firm CrowdStrike is facing a multi-front battle in the wake of a disastrous software update that crippled millions of computers worldwide in July. Alongside mounting lawsuits from disgruntled customers and shareholders, the company is now set to be grilled by US lawmakers over the incident.
As reported by TechCrunch, airline giant Delta has filed a lawsuit seeking up to $500 million in damages, alleging that CrowdStrike's faulty update caused five days of service disruptions. Delta claims that the incident, which also impacted other companies like United Airlines, amounted to "gross negligence" or "willful misconduct" on CrowdStrike's part, potentially invalidating contractual limits on damages.
Adding to CrowdStrike's woes, a class action lawsuit filed by shareholders alleges that the company misled investors regarding its software testing procedures. The lawsuit argues that CrowdStrike failed to adequately warn investors about potential risks associated with its update protocols.
In response to the legal onslaught, CrowdStrike has enlisted the high-powered law firm Quinn Emanuel Urquhart & Sullivan, while simultaneously downplaying its role in Delta's extended outage and pointing fingers at the airline's internal systems.
Further intensifying the pressure, the US House Homeland Security Committee has summoned CrowdStrike to appear before a subcommittee hearing on September 24th, according to a report by the Register. Adam Meyers, the company's senior vice president of counter adversary operations, will be tasked with explaining the cause of the outage and outlining steps taken to prevent similar incidents in the future.
The committee intends to scrutinize the incident's impact on critical infrastructure and explore ways to mitigate future risks posed by faulty software updates. Lawmakers are particularly concerned about the potential for adversaries to exploit vulnerabilities exposed by such incidents.
CrowdStrike's appearance before Congress comes at a sensitive time for the company, which recently reported strong second-quarter earnings but acknowledged that the July outage will likely impact its full-year revenue projections.