Delta can sue CrowdStrike over computer outage that caused 7,000 canceled flights
FILE PHOTO: People speak to Delta agents as they try to rebook their travel plans after long delays following cyber outages affecting airlines at Hartsfield-Jackson Atlanta International Airport in Atlanta, Georgia, U.S., July 22, 2024. REUTERS/Megan Varner/File Photo
(Reuters) -Delta Air Lines can pursue much of its lawsuit seeking to hold cybersecurity company CrowdStrike liable for a massive computer outage last July that caused the carrier to cancel 7,000 flights, a Georgia state judge ruled.
In a decision on Friday, Judge Kelly Lee Ellerbe of the Fulton County Superior Court said Delta can try to prove CrowdStrike was grossly negligent in pushing a defective update of its Falcon software to customers, crashing more than 8 million Microsoft Windows-based computers worldwide.
"Delta has specifically pled that if CrowdStrike had tested the July update on one computer before its deployment, the programming error would have been detected," the judge wrote. "As CrowdStrike has acknowledged, its own president publicly stated CrowdStrike did something 'horribly wrong.'"
The Atlanta-based judge also let Delta pursue a computer trespass claim, and a narrowed claim that CrowdStrike fraudulently promised not to introduce an "unauthorized back door" into the carrier's computers.
In a statement on Monday, CrowdStrike's lawyer Michael Carlinsky said he was confident the judge will find Delta's case has no merit, or will limit damages to the "single-digit millions of dollars" under Georgia law.
Delta, based in Atlanta, said it was pleased with the decision and remained confident in the merits of its case.
The carrier sued Austin, Texas-based CrowdStrike three months after the July 19, 2024 outage disrupted travel for 1.4 million Delta passengers.
Delta has said the outage cost $550 million in lost revenue and added expenses, offset by $50 million of fuel savings.
On May 6, a federal judge in Atlanta said Delta must face a proposed class action by passengers whose said it unlawfully refused full refunds after the outage upended their travel.
The outage also disrupted other airlines, but those disruptions eased faster.
The case is Delta Air Lines Inc v CrowdStrike Inc, Georgia Superior Court, Fulton County, No. 24CV013621.
(Reporting by Jonathan Stempel in New YorkEditing by Nick Zieminski)
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
New Straits Times
an hour ago
- New Straits Times
Mass graves: A journalist's journey Into Malaysia's darkest chapter
WHEN journalists dig deep, ask hard questions, and refuse to let go, they become more than storytellers — they become catalysts for truth. Their relentless pursuit can shine a light on hidden crimes, expose wrongdoing and give voice to those silenced by fear or power. In a world where so much is buried beneath spin, silence or indifference, journalism remains one of the last lines of defence against injustice. Veteran journalist Datuk S. Arulldas was on the trail of a Penang-based human trafficking syndicate in 2015 when information from his police contacts led him to Perlis. It was a lead that would take him deep into a chilling web of crime and silence. For journalists like Arulldas, the pursuit of truth isn't just a job; it's a calling. Their dogged determination to follow the facts, no matter how remote or risky, has the power to uncover buried truths, expose hidden atrocities and push authorities into action. In this case, that pursuit would bring him face to face with one of Malaysia's darkest chapters. Combing through dense jungle, steep terrain and a wall of bureaucracy — from uncooperative security personnel to high-ranking officials — Arulldas and his steadfast photographer, Sayuti Zainudin, pushed forward. What they uncovered were Malaysia's own killing fields: 139 remains buried in shallow graves, scattered across remote forested slopes. Their discovery led to the exposure of hidden human trafficking camps along the border — grim evidence of a cross-border trade in human misery that had flourished in silence for too long. He has chronicled his journey in a book titled Mass Graves: Uncovering the Killing Fields of Wang Kelian. The book is a compelling account of the investigation, pieced together with a collection of newspaper clippings, photographs, and personal notes that offer a behind-the-scenes look at how investigative journalism operates in Malaysia. It not only documents the horrors uncovered in the Perlis jungle, but also sheds light on the perseverance, risks and resistance journalists often face when pursuing stories that challenge power and expose uncomfortable truths. Prompted by a spate of grisly murders involving Myanmar nationals in Penang, Arulldas began digging deeper. His investigation revealed troubling links between the killings and human trafficking networks, which soon led him to the country's northern border and a tip that would change everything. While seated at a coffee shop in Jitra, Kedah, just before heading to the border, Arulldas and Sayuti met a contact who dropped a bombshell. "He told us there were mass graves of migrants at Bukit Wang Burma, near Wang Kelian," Arulldas later wrote. Wang Kelian, located at the northernmost part of Perlis, shares a border with Wang Prachan in the Khuan Don District of Satun Province, southern Thailand. The contact revealed that a retired senior Thai army officer and his wife had recently been arrested by Thai authorities in connection with a human trafficking network and the discovery of mass graves. But when pressed for further details, he remained tight-lipped, insisting that if the journalist wanted answers, he'd have to find the graves himself. Sensing a story, Arulldas turned to his photographer and asked, "Shall we go?" Sayuti agreed without hesitation, and just like that, their journey veered off course. "It was a different kind of feeling when we arrived in Wang Kelian," Arulldas recalls. "It felt strange… like we weren't in Malaysia anymore. It was dusk. The houses were dark, the roads empty. Everything looked deserted." That evening, their first attempt to locate the mass graves was quickly called off. They had no maps, no landmarks and weren't equipped to navigate the forest reserve. "We didn't want to get lost in the jungle at night," he says wryly. Undeterred by the initial setback, Arulldas pressed on. He followed every lead, tracked down contacts and spoke to anyone who might help him find the mass graves believed to be hidden deep within the forest. Each encounter brought new challenges, from vague directions to hesitant sources. What stands out in his account isn't just the information he uncovered, but the relentless way he pursued it. Despite the uncertainty, the risks and the many obstacles, he never gave up. His tenacity, grounded in a journalist's instinct, carried him forward in search of a story that many would have walked away from. The then 60-year-old Arulldas went on to risk life and limb, trekking through dense forest terrain with guides he barely knew. "My legs were swollen and at that time, I nearly gave up so many times along the way," he recalls. "But my guides kept urging me on. They said, 'You've come this far. Just a little more.'" Eventually, he reached a small clearing where the ground had been crudely disturbed. Open graves lay before him, the surfaces loosely covered with palm fronds. He'd found the mass graves. "It was a human tragedy," he says soberly. "I feel it shouldn't have happened. These people were looking for greener pastures. They shouldn't have had to die or be killed. I felt such deep sadness and pity." Ten years on, the now 70-year-old reflects on that day and quietly admits it was the defining moment of his career. Yet a decade later, he concedes that more questions remain than answers. Still, the story demands to be told. "All we can do as journalists is expose the truth," he writes. "To put faces to a marginalised group that might otherwise remain nothing more than inconvenient statistics, too easily brushed aside." Arulldas' book is a courageous and unflinching account of a tragedy Malaysia has yet to fully confront. It stands as a testament to lives lost, justice denied, and the silence that continues to hang over Wang Kelian. Somewhere in Kedah, the victims lie buried under nameless headstones, marked only by DNA codes. Their stories remain untold, their identities unknown and the truth behind their deaths still cloaked in silence. Publisher: Gerakbudaya Enterprise 133 pages
The Star
a day ago
- The Star
Ispace aborts Moon mission
Space setback: Hakamada (centre) waiting with members of his team for news of the expected landing on the Moon by the company's Resilience craft, in Tokyo. — AFP The country's hopes of achieving its first soft touchdown on the Moon by a private company were dashed when the mission was aborted after an assumed crash-landing, the startup said. Tokyo-based ispace had hoped to make history as only the third private firm – and the first outside the United States – to achieve a controlled arrival on the lunar surface. But 'based on the currently available data ... it is currently assumed that the lander likely performed a hard landing', the startup said yesterday. 'It is unlikely that communication with the lander will be restored' so 'it has been decided to conclude the mission', ispace said in a statement. The failure comes two years after a prior mission ended in a crash. The company's unmanned Resilience spacecraft began its daunting final descent and 'successfully fired its main engine as planned to begin deceleration', ispace said. Mission control confirmed that the lander's positioning was 'nearly vertical' – but contact was then lost, with the mood on a livestream from mission control turning sombre. Technical problems meant 'the lander was unable to decelerate sufficiently to reach the required speed for the planned lunar landing', ispace said. To date, only five nations have achieved soft lunar landings: the Soviet Union, the United States, China, India and most recently Japan. Now, private companies are joining the race, promising cheaper and more frequent access to space. On board the Resilience lander were several high-profile payloads. They included Tenacious, a Luxembourg-built micro rover; a water electrolyser to split molecules into hydrogen and oxygen; a food production experiment; and a deep-space radiation probe. The rover also carried 'Moonhouse' – a small model home designed by Swedish artist Mikael Genberg. 'I take the fact that the second attempt failed to land seriously,' chief executive officer Takeshi Hakamada told reporters. 'But the most important thing is to use this result' for future missions, he said, describing a 'strong will to move on, although we have to carefully analyse what happened'. Last year, Houston-based Intuitive Machines became the first private enterprise to reach the Moon. Though its uncrewed lander touched down at an awkward angle, it still managed to complete tests and transmit photos. Then in March this year, Firefly Aerospace's Blue Ghost – launched on the same SpaceX rocket as ispace's Resilience – aced its lunar landing attempt. The mood ahead of yesterday's attempt had been celebratory, with a watch party also held by ispace's US branch in Washington. After contact was lost, announcers on an ispace livestream signed off with the message: 'Never quit the lunar quest.' The mission had also aimed to collect two lunar soil samples and sell them to Nasa for US$5,000 (RM21,150). Though the samples would remain on the Moon, the symbolic transaction is meant to strengthen the US stance that commercial activity – though not sovereign claims – should be allowed on celestial bodies. — AFP
The Star
a day ago
- The Star
This is the phishing scam that gets an identity theft expert in the US 'really, very angry'
Digital thieves are nothing if not persistent and innovative. They keep finding new ways to try to part you from your money. Phishing – where thieves pose as trusted entities or send legitimate looking emails or messages to trick you into giving them access to your accounts – is a widespread method. And it is constantly evolving. 'We've seen phishing go through the roof,' said Eva Velasquez, the CEO of the Identity Theft Resource Center, a San Diego-based national nonprofit. But knowledge is power. So here are three emerging phishing threats to look out for, according to Internet safety experts. All three threats target key parts of people's digital lives: email attachments that lead to fake login pages, multi-factor authentication trickery and deceptive calendar invites. Spending a few minutes reading these pointers could help you avoid getting your ID or money stolen and save you countless hours of dealing with the fallout. HTML attachments that open fake login pages Imagine a busy professional who is in email action mode. In the past 30 minutes on a Saturday morning, he has filled out emailed liability waivers for his seven children's summer camps, filed an expense report for work, answered a secure portal message from the veterinarian about his sick puppy's prescription, skimmed 182 email subject lines and paid five bills from his email inbox, including a car insurance premium and his beloved cheese-of-the-month club. Amid this flurry of inbound emails, ads, invoices and secure messages, he is working on autopilot: opening messages, skimming, clicking and signing in. What a perfect opportunity. Scammers are taking advantage of user distraction – and their trust – by sending emails with HTM or HTML attachments. When clicked, those open a browser file that looks like secure, familiar login page. These pages might look like secure invoice viewers, file-sharing services like DocuSign or Dropbox, or sign-in pages to platforms including Microsoft 365. 'Once the user enters their credentials, they are sent surreptitiously to the attacker's server,' said Vlad Cristescu, the head of cybersecurity with ZeroBounce, a Florida company that helps businesses lower their rate of bounced marketing emails. Why this method is especially insidious: 'There isn't a clickable link in the email, so standard email security filters (which scan for malicious URLs or attachments like PDFs and ZIPs) may not catch it,' Cristescu added. To prevent this, he added, companies should 'restrict HTML attachments unless essential, and users should treat unfamiliar HTML files the same way they'd treat a suspicious link – don't open it unless you're absolutely sure of the sender.' If you do receive incoming communication with an HTML link or attachment, don't engage, said Velasquez, with the ITRC. 'Don't click on links, people. That's the big, overarching message,' she said. Instead, go to the source: call the phone number on the back of your credit card, visit the bank in person. Multifactor authentication tricks If you are one of the many people who uses multifactor authentication, take note. Multifactor authentication is still very helpful and should be used. But Cristescu flagged one way that scammers are taking this tool – which is designed to make people's online accounts more secure – and using it to slither in. As a refresher, multifactor authentication is an added layer of protection that prevents data thieves from logging into your accounts if they have your username and password. It helps ensure that you're the one who typed in your password when you log in, and not some scammer in the Philippines or Poughkeepsie. To use multifactor authentication, you typically download an app, such as Google Authenticator or Microsoft Authenticator. You register your sensitive online accounts, such as Facebook, bank or email, with that app. Then, every time you log into a registered website, the authenticator app generates a new, random code that you enter after your password as a second layer of verification. With the rise of this protection, a new threat has emerged: Scammers who have your username and password can send log-in requests to your authenticator app. Next, the scammer can pose as an IT expert from your workplace and ask you to approve the log-in request. If you fall for it, then boom – the scammer is in. This technique 'exploits a user's frustration and trust in IT. If you're receiving multiple (authenticator) prompts you didn't initiate, that's not a glitch – it's an attack,' Cristescu said. He recommends pausing, never approving these unexpected requests and flagging the interaction with IT. Velasquez added that if you get an authenticator notification and you didn't just log in yourself, 'That is a huge red flag. Stop and address it. Don't ignore it.' Anytime you interact with IT, be sure you're the one initiating that contact, she added. If someone from IT calls or emails you, disconnect and reach back out using a trusted method, such as the same phone number you always dial. Fake calendar invites A third technique data thieves are using is calendar invites. 'I just get really very angry about this one,' Velasquez said. 'It is super hard to detect.' Here's what to look out for. If you use an online calendar like Google calendar or the native iPhone calendar app, you might receive an invitation to an event you didn't see coming. Sometimes these meetings are legitimate. Sometimes, they are not. Scammers 'are now sending meeting requests with malicious links embedded in the invite or 'join' button. These invitations sync directly into calendars and often go unquestioned,' according to ZeroBounce. Scammers use calendar invites because they have 'built-in credibility – they're not usually scrutinised like emails,' Cristescu said. Look for meeting requests from unknown senders and vague event names like 'Sync' or 'Project Review,' he added. In some jobs or roles, meetings routinely get added to calendars by other people –clients, prospects, coworkers, bosses, peers. 'I have gotten these repeatedly,' said Velasquez, with the ITRC. 'Depending on your lifestyle and your job and how you work, these are going to be particularly challenging. They are real calendar invites. The problem is they have malicious software embedded in them – so when you click on portions of them, 'Click to join,' it's like opening an attachment (or) clicking on a suspicious link. It's the same principle.' Cristescu, with ZeroBounce, shared this tip: 'Treat those just like a phishing email. Disable auto-accept where possible and review every invite manually before clicking anything.' Never stop questioning what lands in your inbox or calendar, Cristescu added. 'Always verify the sender's email address, ensure that any link you click matches the legitimate domain, and look out for subtle red flags like spelling errors or unusual formatting.' A big picture pointer 'All three of these (scams) are so common that it has probably happened to every single person reading the article – at least one of them. That's how ubiquitous these are,' Velasquez said. She shared this broader thought: It's less important to know how to respond to each scenario and more important to pause, be skeptical, double check. It's important to be ever more sceptical, because AI makes it easier and easier for thieves to create convincing ruses, Cristescu and Velasquez both said. AI 'really helps with making these phishing offers look and sound so much more legitimate,' Velasquez said. 'And with the amount of data that is out there from public sources and from data breaches, it's very easy to see what relationships people have.' Where you bank, where you do business – that is all fodder for someone to create a copycat page designed to trick you into logging in. Adopt an 'investigator mindset,' Velasquez said. Use this helpful reminder: the acronym STAR, which stands for Stop. Think. Ask questions or ask for help. Reassess. – The San Diego Union-Tribune/Tribune News Service
