Cybersecurity

Investor launches class-action lawsuit against SolarWinds over hack

SolarWinds Headquarters entrance By Travel_with_me shutterstock ID: 1875241378 

SolarWinds' corporate headquarters in Austin, Texas. (Image credit: Travel_with_me/Shutterstock.com)

An investor in SolarWinds today filed a class-action lawsuit against the company and two top executives claiming SolarWinds made "materially false and misleading statements" about their security measures.

The plaintiff, Timothy Bremer, who filed the suit in a district court in Texas, cites reporting by Reuters that stated a security researcher alerted the company that its update server could be breached using the password "solarwinds123." The story also quotes a separate cybersecurity executive saying, "days after SolarWinds realized their software had been compromised, the malicious updates were still available for download."

Despite this, the lawsuit claims, SolarWinds executives did not disclose the vulnerability to the public or its customers.

The lawsuit names the company, Kevin Thompson, the chief executive officer, and J. Barton Kalsu, the chief financial officer, as defendants.

Shortly after the breach in SolarWinds Orion, an IT management software, became public in December, the company said in an SEC filing it believes up to 18,000 of its customers may have downloaded the malicious code.

Microsoft and Cybersecurity firm FireEye have both been investigating the ongoing breach that compromised multiple federal agencies. Those companies have estimated about 40 and 50 organizations, respectively, were actively victimized by hackers.

The New York Times reported over the weekend the intelligence community now believes the hack "affected upward of 250 federal agencies and businesses."

Microsoft declined to comment on its previous estimate.

A spokeswoman for FireEye today declined to provide an updated figure. "There are a number of estimates going around based on different visibility. These should be viewed still as estimates at this point and variance is normal," she added.

About the Author

Justin Katz is a former staff writer at FCW.


Featured

  • Workforce
    White House rainbow light shutterstock ID : 1130423963 By zhephotography

    White House rolls out DEIA strategy

    On Tuesday, the Biden administration issued agencies a roadmap to guide their efforts to develop strategic plans for diversity, equity, inclusion and accessibility (DEIA), as required under a as required under a June executive order.

  • Defense
    software (whiteMocca/Shutterstock.com)

    Why DOD is so bad at buying software

    The Defense Department wants to acquire emerging technology faster and more efficiently. But will its latest attempts to streamline its processes be enough?

Stay Connected