Patch/Configuration Management, Business continuity

Massive CrowdStrike outage prompts class action

Share
Today’s special columnist, Callie Guenther of Critical Start, offers security teams advice for responding to the recent CrowdStrike outage. (Adobe Stock)

CrowdStrike has been hit with a class-action lawsuit alleging its lack of appropriate software testing following the massive global IT outage stemming from a botched update of its Falcon platformThe Register reports.

Despite repeatedly proclaiming the robustness of Falcon, CrowdStrike has not properly evaluated anti-threat updates prior to release leading to the widespread disruption, claimed the Massachusetts-based Plymouth County Retirement Association in its lawsuit. "Since the CrowdStrike outage, publicly revealed evidence indicates that CrowdStrike was taking insufficient precautions regarding such updates. For instance, CrowdStrike has promised to take remedial measures to ensure that such a crash does not happen again, including implementing a so-called canary deployment of such updates, meaning a progressive rollout that starts with a subset of users," alleged the lawsuit. Such a case will be challenged by CrowdStrike, with a spokesperson noting its lack of merit. The development comes after Delta Air Lines sought representation to obtain up to $500 million in damages related to the disruption earlier this week.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.