top of page

SEC is looking into how SolarWinds handled the 2020 cyberattack.

After its significant 2020 data breach, which was committed by hackers sponsored by the Russian government, SolarWinds said the Securities and Exchange Commission (SEC) is looking into cybersecurity disclosures and statements the business and its management made in public.

The SEC informed SolarWinds through a Wells Notice that it intends to bring an enforcement action "alleging violations of certain provisions of the U.S. federal securities laws with respect to its cybersecurity disclosures and public statements, as well as its internal controls and disclosure controls and procedures," according to information provided by SolarWinds in a Form 8-K on Thursday. No other details on the alleged offenses were revealed.

In the same filing, SolarWinds said it had entered into a binding settlement term sheet with class action plaintiffs to make a $26 million settlement offer to end a legal dispute involving injuries to SolarWinds consumers as a result of the breach. The agreement will "fund claims submitted by class members, the legal fees of plaintiffs’ counsel, and the costs of administering the settlement."

In November 2021, two pension funds filed a lawsuit against SolarWinds in the Delaware U.S. District Court.

In December 2020, it was claimed that Russian-backed hackers had gained access to SolarWinds, a provider of network management software to a huge number of multinational corporations and governmental organizations. According to Microsoft's research of the incident, the hackers inserted malicious code into a software update for SolarWinds Orion products, giving them access to elevated credentials and a foothold in the network. Once installed, the program established a connection to a server under the control of the hackers, enabling them to carry out more assaults and steal data from SolarWinds clients.

According to some sources, the SolarWinds systems may have been compromised as early as September 2019 or early 2020 by hackers with Russian support. According to a SolarWinds executive who spoke to NPR in April 2021, the breach ultimately affected around 100 companies and 12 government agencies. The affected federal agencies, in addition to the Pentagon, were the Treasury, Justice, and Energy departments, as well as Microsoft, Intel, and Cisco. In the end, the list of affected businesses also included banks, telecoms, tech firms, and defense contractors.

All government agencies are required to immediately unplug the impacted Orion products from their networks, according to an emergency directive issued by the U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA). Companies were also asked to identify any third parties that may have been compromised, unplug any affected products, and take action to resolve any supply chain cybersecurity vulnerabilities.

The Russian Foreign Intelligence Service (SVR) was later identified by President Joe Biden in an April 2021 executive order as "the perpetrator of the broad-scope cyber espionage campaign that exploited the SolarWinds Orion platform and other information technology infrastructures."



bottom of page