SolarWinds Sued By Shareholders Over Epic 2020 Data Breach
GEORGETOWN, Del. — Shareholders are suing software provider SolarWinds Corp. in the Delaware Court of Chancery claiming the company directors should have known of, and yet did nothing to mitigate, the risk of the massive data breach that took place in 2020.
The plaintiffs, led by a Missouri pension fund, allege the board of directors failed to put safeguards in place that would have allowed them to respond more effectively to cybersecurity risks.
As a result, the lawsuit says, a malicious code inserted into one of the company’s Orion software updates gave hackers access to the data of thousands of companies and government departments and agencies.
The plaintiffs are seeking damages on behalf of the company, and want the court to order SolarWinds to dramatically tighten up the company’s policies when it comes to cybersecurity.
SolarWinds has said it is cooperating with investigations into the breach by the U.S. Securities and Exchange Commission, Department of Justice and others.
In a related note, the company has moved to dismiss another shareholder lawsuit seeking damages for a decline in its share price.
In a statement emailed to The Well News, a SolarWinds spokesperson said “We do not comment on pending litigation, but this action is similar to a purported derivative lawsuit filed earlier this year. More importantly, we continue to focus on deepening our relationships with customers and openly discussing our Secure by Design initiatives as we look to set the standard for secure software development.”
Dan can be reached at [email protected] and at https://twitter.com/DanMcCue