CrowdStrike, the cybersecurity titan, is under fire from its shareholders following a colossal software failure that struck on July 19, 2024, leading to a global disruption impacting over 8 million computers.
The lawsuit, initiated in federal court in Austin, Texas, accuses the company of misleading investors about the reliability of its software. Shareholders claim CrowdStrike’s representations, notably from a March 5 conference call where the company’s software was described as “validated, tested, and certified,” were fundamentally deceptive.
The disruption, which affected airlines, banks, hospitals, and emergency services worldwide, led to a dramatic 32% drop in CrowdStrike’s share price over just 12 days. This decline erased approximately $25 billion in market value. As the fallout continued, CEO George Kurtz faced Congressional scrutiny, and Delta Air Lines enlisted high-profile attorney David Boies for potential damages.
CrowdStrike has responded with a firm denial, asserting the lawsuit lacks merit and pledging a robust defense. The complaint, spearheaded by the Plymouth County Retirement Association, seeks damages for CrowdStrike Class A shareholders between November 29, 2023, and July 29, 2024.
The ripple effects of the outage have been significant, with Delta’s CEO estimating a $500 million hit due to lost revenue, compensation, and additional expenses for stranded passengers.
As CrowdStrike’s stock closed at $231.96 on Wednesday—down from $343.05 just before the outage—the legal battle is far from over. More lawsuits could follow in the wake of this unprecedented cybersecurity crisis.
The case is filed as Plymouth County Retirement Association v. CrowdStrike Inc., et al, in the U.S. District Court for the Western District of Texas, Case No. 24-00857.
