SEC Sues SolarWinds for Fraud and Negligence in Cyberattack Fallout
The Securities and Exchange Commission (SEC) has filed a lawsuit against SolarWinds, alleging that the company committed fraud and failed to maintain adequate internal controls prior to the massive cyberattack it suffered in 2019. The SEC also named SolarWinds' chief information security officer, Tim Brown, in the lawsuit, claiming that the company overstated its cybersecurity practices and understated known vulnerabilities. The attack, attributed to a Russian-backed hacking group, compromised SolarWinds' Orion software, which was widely used by government agencies. The SEC alleges that SolarWinds misled investors about its cybersecurity compliance and failed to disclose the extent of the vulnerabilities exploited by the hackers. SolarWinds has stated that it believes the SEC's enforcement action is misguided and improper and will contest the charges in court.
- SEC sues SolarWinds over massive cyberattack, alleging fraud and weak controls CNBC
- Bad Passwords Are Securities Fraud Bloomberg
- SEC charges SolarWinds CISO with fraud for misleading investors before major cyberattack The Record from Recorded Future News
- SolarWinds charged by SEC for failing to disclose cybersecurity problems The Washington Post
- SEC sues SolarWinds and CISO, says they ignored flaws that led to major hack Ars Technica
Reading Insights
0
0
3 min
vs 5 min read
85%
818 → 124 words
Want the full story? Read the original article
Read on CNBC