CrowdStrike has been sued by shareholders who said the cybersecurity company defrauded them by concealing how its inadequate software testing could cause the 19 July global outage that crashed more than eight million computers.

In a proposed class action filed on Tuesday night in the Austin, Texas federal court, shareholders said they learned that CrowdStrike’s assurances about its technology were materially false and misleading when a flawed software update disrupted airlines, banks, hospitals and emergency lines around the world.

They said CrowdStrike’s share price fell 32% over the next 12 days, wiping out US$25-billion of market value, as the outage’s effects became known, CEO George Kurtz was called to testify to the US congress and Delta Air Lines reportedly hired prominent lawyer David Boies to seek damages.

The complaint cites statements including from a 5 March conference call where Kurtz characterised CrowdStrike’s software as “validated, tested and certified”.

In a statement on Wednesday, Austin-based CrowdStrike said: “We believe this case lacks merit and we will vigorously defend the company,” Kurtz and chief financial officer Burt Podbere are also defendants.

The lawsuit led by the Plymouth County Retirement Association of Plymouth, Massachusetts, seeks unspecified damages for holders of CrowdStrike class-A shares between 29 November 2023 and 29 July 2024.

Shares fall

Shareholders often sue companies after unexpected negative news causes stock prices to fall, and CrowdStrike could face more lawsuits.

Delta CEO Ed Bastian told CNBC on Wednesday that the outage cost his airline $500-million, including lost revenue and compensation and hotels for stranded fliers.