CrowdStrike Holdings, Inc. (“CrowdStrike”) recently caused what is being called the largest IT outage in history. On July 19, 2024, CrowdStrike released a routine update to its cybersecurity software for Windows-based devices. However, a flaw in the update’s coding led to millions of computers crashing worldwide, many showing the Microsoft Windows blue screen of death. This incident has prompted millions of customers, investors, and businesses to consider filing lawsuits against CrowdStrike in response to the outage.
Many businesses, governmental entities, and others impacted by the failed CrowdStrike incident, the blue screen of death was only the beginning of their troubles. Although CrowdStrike reportedly identified and fixed the coding error within 79 minutes, the global IT outage caused disruptions that lasted for days, and in some cases, weeks or longer. While the outage was not a data breach, it has prompted many companies to reevaluate their cybersecurity practices. The incident led to significant damages—airline passengers were stranded, governmental entities were unable to process 911 calls, and businesses missed contract deadlines due to the inability to electronically sign documents. Additionally, CrowdStrike’s stock price plummeted. After reaching an all-time high at the start of July, the company’s shares lost a year-and-a-half’s worth of gains in less than a week.
CrowdStrike’s failed update caused substantial losses, and those affected by the global IT outage should seek to recover these losses. Recovering losses involves filing a lawsuit against CrowdStrike.
Filing a Lawsuit
Pepper and Odom represent individuals and companies in lawsuits against CrowdStrike nationwide.
CrowdStrike’s IT Global Outage Negligence
A report published by CrowdStrike indicates that the global IT outage on July 19, 2024, resulted from two simple mistakes—either of which, if caught, could have prevented the crisis. On July 18, CrowdStrike began preparing to release an update to its cybersecurity software, used by millions of companies (including numerous Fortune 500 companies) and government agencies worldwide. Unbeknownst to CrowdStrike, the update contained a bug. Despite having processes and procedures to identify such bugs before release, a second bug in the company’s validation check software allowed the faulty update to be pushed out “despite containing problematic content data.” After releasing the defective update, CrowdStrike identified the fatal flaw in its new software almost immediately. However, it was already too late. By the time CrowdStrike recalled the update half an hour later, millions of computers running the company’s cybersecurity software had already downloaded it and begun to fail.
The aftermath is well known. From airlines to hospitals, companies responsible for critical infrastructure went offline, and millions of small businesses found themselves unable to serve their customers. Many governmental entities’ computer systems also went offline. With two simple mistakes—both of which should have been caught—CrowdStrike caused untold billions of dollars in losses worldwide.
Who can file a lawsuit?
All individuals and organizations, both public and private, negatively affected by the global IT outage on July 19, 2024, may have grounds to sue CrowdStrike to recover their losses.
What to Expect from a Lawsuit
Determining whether an individual, company, or governmental entity has grounds to file a lawsuit requires a critical assessment on a case-by-case basis. If you experienced a minor delay or disruption but were not significantly affected by the global IT outage, then you may not have grounds to file a complaint. However, if you have measurable losses worth pursuing, you should start the process of filing your lawsuit as soon as possible. The next step is determining how much you are entitled to recover, as plaintiffs can seek various types of damages depending on the specific circumstances involved.
At Pepper and Odom., we have the team and capabilities to effectively handle CrowdStrike lawsuits, regardless of their value. Individual plaintiffs’ damages may range from tens of thousands to tens or even hundreds of millions of dollars. Once you contact us, we will quickly evaluate your claim so you can make an informed decision about pursuing legal action. If you decide to proceed, we will prepare and file a complaint to initiate the litigation process, starting the clock for CrowdStrike to respond and allowing us to take discovery. CrowdStrike’s report on the outage clearly indicates the company’s responsibility.
Companies like CrowdStrike carry substantial cyber insurance policies that cover incidents like this, and several articles have already discussed CrowdStrike’s insurer’s potential liability. While it is too early to determine the outcome of the litigation, there is a strong chance that many successful plaintiffs will resolve their claims via insurance settlement. Our lawyers will negotiate with CrowdStrike’s insurance company on your behalf and help you decide when—and if—to settle.
Regardless of what it takes, we will fully pursue your lawsuit through its final resolution, whether through a settlement agreement or seeking maximum damages at trial. We have substantial experience representing clients in high-stakes settlement negotiations and are skilled litigators ready to fight for your legal rights in court when necessary.
Why Choose Us
If you need to file a lawsuit against CrowdStrike related to the global IT outage, your choice of legal representation is crucial. Not all law firms are the same, and the outcome of your lawsuit could have significant financial and other implications for years to come.
