Investors have sued CrowdStrike because the cybersecurity firm made false claims about its Falcon platform.
Investors have sued CrowdStrike because the company made false and misleading claims on the testing of its Falcon platform. In July, a faulty update released by CrowdStrike Falcon caused Windows systems to display a BSoD screen. The incident caused widespread global disruptions, impacting critical infrastructure such as airports, hospitals, and TV stations. The flawed update on July 19 crashed 8.5 million Microsoft Windows systems globally.
As reported by the BBC, the company’s share price dropped 32% in the 12 days after the incident, causing a loss in market value of $25bn (£14.5bn).
“The suit filed in the Austin, Texas federal court, alleges that CrowdStrike executives defrauded investors by making them believe the company’s software updates were adequately tested.” reported the BBC. “The lawsuit is seeking an unspecified amount of compensation for investors who owned CrowdStrike shares between 29 November and 29 July.
It cites chief executive George Kurtz, who said in a conference call on 5 March that the firm’s software was “validated, tested and certified.””CrowdStrike denies the allegations and has announced it will oppose the proposed class action lawsuit.
“We believe this case lacks merit and we will vigorously defend the company,” a spokesperson said.
Delta Air Lines’ CEO, Ed Bastian, revealed in a CNBC interview that the recent outage caused by Crowdstrike led to $500 million in losses for the airline, covering lost revenue and passenger compensation. Delta is now seeking compensation from CrowdStrike. The cybersecurity firm announced that it will improve software testing prevent future incidents.
The plaintiffs argue that the faulty Falcon update demonstrates that the company did not adequately test its software, placing its customers at severe risk.
The class action document is available here.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, Crowdstrike)