Subscribe for notification
Tech

CrowdStrike Faces Legal Onslaught After Faulty Software Update

It was inevitable that lawsuits would ensue when the CrowdStrike software update, which is now infamous, brought down companies worldwide in July. And they have

The most high-profile example may be Delta’s lawsuit against the company for up to $500 million in damages and the employment of attorney David Boies.

Theranos, Harvey Weinstein, victims of Jeffrey Epstein, and Al Gore in Bush v. Gore, which revolved around the results of the 2000 presidential election, are among the numerous high-profile clients of Boies. In addition, he was the lead attorney in the government’s antitrust lawsuit against Microsoft during the 1990s.

Before Delta came forward, shareholders were already seeking their compensation. They filed a class action lawsuit against CrowdStrike, alleging that the company had misled them about its software update procedures.

CrowdStrike retained the law firm Quinn Emanuel Urquhart & Sullivan to defend the company against the anticipated onslaught of legal action. This decision reinforced the notion that attorneys would profit significantly from this error.

Microsoft has also been implicated in the conflict to a lesser extent because the CrowdStrike software update was defective and only affected Windows machines.

However, Rob Wilkins, co-chair of the complex litigation and dispute resolution practice group at Jones Foster, a Florida law firm, asserts that CrowdStrike is primarily responsible for the situation and is confronted with a formidable legal obstacle. However, contractual limitations on damages typically included in enterprise software contracts could save CrowdStrike.

Rob Wilkins | source, Jones Foster

In an interview with TechCrunch, Wilkins stated, “I was intrigued by the contractual damage limit between CrowdStrike and Delta. I anticipate the other customers’ contracts will also contain a similar damage limit.”

Delta is asserting, however, that CrowdStrike’s gross negligence or willful misconduct was the cause of the defective software update, which could potentially invalidate the contractual limit. Delta’s service was disrupted for five days, while United experienced delays related to CloudStrike for only three days.

CrowdStrike has stated that Delta has encountered complications with its internal systems and that the company cannot directly link the entire disruption to the faulty update from CrowdStrike.

According to Wilkins, Delta may encounter challenges in substantiating proof of gross negligence or willful misconduct, which imposes a substantial burden of proof. Additionally, shareholders who have accused the company of defrauding them by failing to notify them of the absence of a software testing regimen face substantial obstacles in substantiating their claims in court.

“The question is as follows: Did CrowdStrike intentionally misrepresent or fail to inform the investors that it was fully compliant with all of its security procedures and control procedures regarding its software platform?” Wilkins stated.

Wilkins predicts that the companies prosecuting CrowdStrike will likely collaborate to file a class action lawsuit against the company, as the cost and complexity of individual lawsuits will be prohibitive for all parties. He emphasizes that the presence of a class action often serves as an incentive for additional companies to participate.

“I would not be surprised if people pile on in-class actions, and then everything is consolidated into a single federal district court for all discovery-related purposes by the multidistrict litigation panel. This significantly reduces the process,” he said.

Once that is established, a “bellwether” trial is typically conducted, in which a single case is presented as a test case for all other plaintiffs in the class action. Regardless of its outcome, the jury’s decision serves as a guide for future settlements.

“You can then return to CrowdStrike and assert that you have been sued for $20 million by a single company, and we have 15 additional companies that are suing you in these class actions with the same facts. Therefore, you should settle,” he stated.

Another complicating factor is the role of insurance companies, which would protect CrowdStrike and its customers from potential damages in these situations. The clients’ insurance companies may also pursue CrowdStrike to recover some of their payments.

“Insurance coverage is probably in place, and the carrier will likely be summoned to provide defense.” The cybersecurity policies I reviewed would encompass this negligence, although I have not seen their specific policy yet. Therefore, it is contingent upon the terms of their policy and its exclusions; however, I anticipate that insurance will be a component.

According to Wilkins, there is a reputational component in addition to the monetary issues, and the sooner these issues are resolved, the more quickly CrowdStrike can progress. The company has retained competent attorneys to represent it; however, it will ultimately be required to reconcile with shareholders and customers, which are essential for the success of any enterprise.

“It appears to me that their strategy for resolving this issue will be to engage in combat, but they will also do so with the recognition that they must move forward.”

James Emmanuel

James is a Computer Science student with a robust foundation in tech and a skilled DevOps engineer. His technical expertise extends to his role as a news reporter at Protechbro, where he specializes in crafting well-informed, technical content that highlights the latest trends and innovations in technology.

Disqus Comments Loading...

Recent Posts

Crypto Companies Could See More US Listings if Trump Wins

According to a research report from HTX Ventures, the trend of crypto companies departing the United States could be halted,…

11 hours ago

Metaplanet Joins Global Equity Index

Metaplanet Inc., a Japanese investment firm, has been admitted to the CoinShares Blockchain Global Equity Index (BLOCK Index). Prominent publicly…

11 hours ago

Major South Korean Banks Join CBDC Pilot

The central bank's CBDC pilot, which is rapidly expanding, has attracted the participation of numerous prominent South Korean banks and…

11 hours ago

BTC Plummets, Mt.Gox Sends $2.2B in Bitcoin to 2 Wallet

After first going to a Mt.Gox cold wallet, most of that stash—nearly 30,400 bitcoin BTC—was sent to "1FG2C…Rveoy," and 2,000…

15 hours ago

Firms Unveil Global Dollar Stablecoin Network

Major banking firms launched the Global Dollar Network, a regulated platform designed to accelerate stablecoin adoption worldwide. Crypto and traditional…

15 hours ago

Sky Co-Founder Proposes No New Token Emissions

Rune Christensen, co-founder of Sky (formerly MakerDAO), proposes a strictly deflationary model to stop token emissions, in line with MakerDAO’s…

1 day ago