CrowdStrike faces numerous legal challenges from the glitch that caused a global tech outage.
While the potential $500 million suit from Delta Air Lines is the most high-profile of these cases, a report Monday (Sept. 2) by TechCrunch said this could be one of several court cases facing the cybersecurity firm.
Rob Wilkins, co-chair of the complex litigation and dispute resolution practice group for Florida law firm Jones Foster, tells the news outlet that CrowdStrike faces a “daunting” legal challenge, one that could be lessened by the limits on damages typically written into enterprise software contracts.
“What I found was interesting is that there’s a contractual limit on damages between CrowdStrike and Delta, and I assume that there’s going to be a similar type of contractual limit on damages in the other customers’ contracts,” Wilkins said.
However, Delta — whose service was down for five days, longer than other airlines — alleges that the software glitch was a case of gross negligence or willful misconduct by CrowdStrike, which could void the contract cap, the report added. CrowdStrike argues that Delta has had issues with its own internal systems and that the company can’t blame the entire outage on the glitch.
Wilkins told TechCrunch it could be tough for Delta to prove its case, while shareholders claiming CrowdStrike misled and defrauded them by not warning them about their lack of a software testing regimen also face their own uphill battle.
“It comes down to: Was CrowdStrike intentionally misrepresenting or failing to tell the investors that it was completely up to date with respect to all of its security procedures and control procedures with respect to its software platform?” Wilkins said.
No matter how things play out, he added, it’s likely that the companies suing CrowdStrike will file a class-action suit to save money and resources. Once that happens, these cases typically attract other companies that wish to be involved.
Writing about the incident last month, PYMNTS argued that the outage underscored the need for companies to have effective disaster recovery plans.
“With complex ecosystems, you have a higher number of partners than you may have historically had” in the past, Larson McNeil, co-head of marketplaces and digital ecosystems at J.P. Morgan Payments, told PYMNTS. “You’ve got to understand your industry and the various players in the ecosystem — and as complexity increases, you’ve got to understand the risk and the opportunities that this creates for the business.”