Security News > 2021 > March > SolarWinds reports $3.5 million in expenses from supply-chain attack

SolarWinds has reported expenses of $3.5 million from last year's supply-chain attack, including costs related to incident investigation and remediation.

Further expenses were recorded by SolarWinds after paying for legal, consulting, and other professional services related to the December hack and provided to customers for free.

While $3.5 million doesn't seem too much compared to the aftermath of the SolarWinds supply-chain attack, the incurred expenses reported so far were recorded through December 2020, with significant additional costs being expected throughout the next financial periods.

"Costs related to the Cyber Incident that will be incurred in future periods will include increased expenses associated with ongoing and any new claims, investigations and inquiries, as well as increased expenses and capital investments related to our 'Secure By Design' initiatives, increased customer support activities and other related matters," the company said.

The overall losses after the supply-chain attack will likely be decreased by SolarWinds' $15 million cybersecurity insurance coverage which is expected to cover a significant share of the incremental breach remediation and response expenses.

Multiple US government agencies confirmed that they were compromised in the SolarWinds supply-chain attack the incident's disclosure.

News URL

https://www.bleepingcomputer.com/news/security/solarwinds-reports-35-million-in-expenses-from-supply-chain-attack/