Capitec, South Africa’s largest retail bank, has said it will not pursue legal action against cybersecurity firm CrowdStrike despite the disruptive impact of a rogue software patch, which took down its card processing, ATMs, banking app and internet banking systems last week.
The decision not to sue comes as the US company faces a raft of legal challenges over the update, which caused widespread disruption to Windows computers, putting more than eight million of them into an endless “death loop”.
Many of Capitec’s services were knocked offline for several hours as a result of the faulty update. The disruption affected companies around the world.
Ed Bastian, CEO of Delta Air Lines, one of the company most severely impacted, said this week that the outage cost his company US$500-million in lost revenue and compensation and hotels for stranded fliers.
Bastian said Delta would seek damages, adding that CrowdStrike had not offered to assist the company financially. Delta Air Lines has reportedly hired prominent US lawyer David Boies to pursue a damages case.
Soon after Bastian’s announcement, a group of CrowdStrike’s own shareholders filed a class-action lawsuit in a federal court in Texas. The disgruntled shareholders said CrowdStrike’s assurances about its technology were “materially false and misleading”.
‘Lacks merit’
They said CrowdStrike’s share price fell 32% in the 12 days following the outage, wiping out $25-billion in market value. As the outage’s effects became known, CEO George Kurtz was called to testify to the US congress.
“We believe this case lacks merit and we will vigorously defend the company,” CrowdStrike said on Wednesday in response to the class-action suit.
But Capitec, which was among the most severely affected by the issue, is keeping its legal weapons holstered. “We are currently not considering any legal action against CrowdStrike,” it said.