Lawsuit claims SolarWinds reportedly knew about cybersecurity issues before attack

SolarWinds saga (and the lawsuits) just fail to die

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A section ofSolarWindsinvestors have reportedly sued the software company’s directors, alleging they knew about and failed to monitor thecybersecurityrisks to the company ahead of last year’s breach that introduced a vulnerability in the systems of thousands of its downstream customers.

Themassive cyber-espionage effortthat tainted the software supply chain via a rigged update to SolarWinds software was discovered back in December 2020. Pinned on state-sponsored Russian hackers, the hack was found to have affected nine federal agencies, in addition to hordes of private-sector companies.

Reutersreports the latest lawsuit, led by a Missouri pension fund, alleges that the board of the software company was at fault for failing to implement procedures to monitor cybersecurity risks, such as requiring the company’s management to report on those risks regularly.

We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.

Click here to start the survey in a new window«

Ongoing saga

Ongoing saga

The lawsuit reportedly names a mix of current and former directors as defendants, and in addition to seeking damages is asking for SolarWinds to reform its policies on cybersecurity oversights, such as the one that led to last year’s incident.

A SolarWinds spokesperson toldReutersthat the company does not comment on pending litigation, but noted that the company is focused on “deepening” customer relationships and “openly discussing our Secure by Design initiatives as we look to set the standard for secure software development.”

The pension fund lawsuit is the latest in a string of reactions against the company as a direct result of last year’s widely reported breach.

For instance, SolarWinds has recent;y moved court to dismiss another lawsuit seeking damages for a decline in the company’s share price, sharesReuters, adding that the company is already cooperating with investigations into the software supply chain breach by the US Securities and Exchange Commission, the Department of Justice, and others.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Minimize the threat of Internet-borne attacks with the help of thesebest antivirus software

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Should your VPN always be on?

3 reasons why PIA fell in our best VPN rankings

Smeg Combi Steam Oven review: a multi-functional countertop oven that looks stunning and cooks well