SEC: SolarWinds failed to disclose cybersecurity woes before historic breach

Start

In a complaint filed in the Southern District of New York, the SEC contends that SolarWinds and the company’s chief information security officer, Tim Brown, repeatedly violated the antifraud disclosure and internal controls provisions of federal securities law by not disclosing vulnerabilities that the company knew could lead to a hack.

Later, SolarWinds suffered a breach of its network monitoring software, Orion, that allowed hackers suspected to be connected to the Russian government to infiltrate thousands of customer organizations that included nine federal agencies. The breach began as early as 2019 but only became public in 2020.

https://www.washingtonpost.com/national-security/2023/10/30/solarwinds-computer-breach-sec-russia/

Previous Story

Stablecoin Pilot Announced; Crypto Market Data Published; FinCEN Proposal to Combat Crypto Mixing; EU Bank Addresses DAOs; Hacking Data Published

Next Story

The US has approved mandatory data breach reporting requirements that impose a 30-day deadline for non-banking financial organizations to report incidents.