On behalf of SolarWinds customers, a class action lawsuit was brought this week over the cybersecurity breach suffered by the Texas-based supplier of IT management solutions.
A lawsuit was brought by Timothy Bremer on behalf of shareholders in the Western District of Texas, primarily those who purchased SolarWinds stock between February 24, 2020, and December 15, 2020.
The lawsuit names SolarWinds, as well as Kevin Thompson, who, before just days before the event was disclosed, acted as the company’s CEO, and Barton Kalsu, SolarWinds’ Senior VP and CFO.
The litigation points out that after the announcement of the cyberattack, the value of SolarWinds stock fell dramatically, from almost $24 per share to around $18 a few days after the hack came to light.
The complaint references the financial reports filed by SolarWinds while threat actors had access to its systems and alleges that the company’s executives “made false and/or misleading statements and/or failed to disclose that: (1) since mid-2020, SolarWinds Orion monitoring products had a vulnerability that allowed hackers to compromise the server upon which the products ran; (2) SolarWinds’ update server had an easily accessible password of ‘solarwinds123’; (3) Consequently, SolarWinds’ customers, including, among others, the Federal Government, Microsoft, Cisco, and Nvidia, would be vulnerable to hacks; (4) As a result, the Company would suffer significant reputational harm; and (5) As a result, Defendants’ statements about SolarWinds’s business, operations and prospects were materially false and misleading and/or lacked a reasonable basis at all relevant times.”
Any of the comments made by third parties stating that they had told SolarWinds about different vulnerabilities and security threats were also cited by the claimant, but were overlooked by the business.
It is assumed that the perpetrators obtained access to the databases of the company at least one year before the breach was detected.
Until March 5, SolarWinds investors will enter the class action.
When they agreed to sell hundreds of millions of dollars worth of shares shortly before the hack came to light, an investigation was conducted into whether SolarWinds executives were aware of the breach. The business says the incident was not revealed to them.
On Tuesday, several U.S. institutions officially claimed that Russia was potentially responsible for the attack, allegations that Moscow rejected.
Up to 18,000 clients may have received Trojanized product notifications provided by the attackers, SolarWinds said, but just a few hundred were likely to be the real number of companies that posed an interest to the hackers. The New York Times recently confirmed that in the supply chain attack, over 250 government departments and companies were abused.
Investigations into the SolarWinds attack are still seeking to decide if a second, unrelated threat attacker was also attacked by the firm, who obviously could have leveraged a zero-day flaw involving goods from SolarWinds and a piece of malware called Supernova.