SolarWinds shareholders accuse the company of lying about its security practices ahead of the disclosure of a massive security incident.
A class-action lawsuit filed against SolarWinds and some of its executives accuses the company of lying and misleading shareholders about its security posture in the year leading up to its disclosure of a massive breach affecting public and private entities.
The suit was filed by shareholders and names SolarWinds, in addition to outgoing CEO Kevin Thompson and CFO Barton Kalsu, as defendants. It alleges Thompson and Kalsu, who were involved with the company's daily operations and had access to proprietary data, made false and misleading statements to the Securities and Exchange Commission throughout last year.
The complaint states that SolarWinds "failed to disclose the following adverse facts pertaining to the Company's business, operations, and prospects, which were known to Defendants or recklessly disregarded by them."
It continues to say SolarWinds failed to disclose that since mid-2020, its Orion monitoring tools had a vulnerability that enabled attackers to compromise the server on which its products ran. It also notes the company's update server had an easily accessible password of "solarwinds123." Consequently, SolarWinds customers would be vulnerable to hacks and, as a result, the company would suffer "significant reputational harm," the suit states.
"As a result, Defendants' statements about SolarWinds's business, operations and prospects were materially false and misleading and/or lacked a reasonable basis at all relevant times," according to the suit.
Read more details here.
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024