SEC Charges SolarWinds and CISO With Fraud Related to 2020 Cyberattack

2023-11-02 18:43

The Securities and Exchange Commission brought charges against both Austin, TX-based information security software company SolarWinds and its CISO Timothy G. Brown on October 30.

The SEC alleges that between SolarWinds' October 2018 initial public offering and the December 2020 announcement of the large-scale cyberattack, SolarWinds and Brown specifically " defrauded investors by overstating SolarWinds' cybersecurity practices and understating or failing to disclose known risks.

The SEC alleges that SolarWinds didn't disclose the full extent of the Sunburst cybersecurity incident on Dec. 14, 2020.

SolarWinds had filed a Form 8-K on that date; that is the form the SEC requires organizations to fill out in order to formally notify investors in the event of a significant event.

"As a result of these lapses, the company allegedly also could not provide reasonable assurances that its most valuable assets, including its flagship Orion product, were adequately protected" despite SolarWinds continuing to reassure its customers that their data was safe, the SEC said.

"We are disappointed by the SEC's unfounded charges related to a Russian cyberattack on an American company and are deeply concerned this action will put our national security at risk," SolarWinds said in a public statement emailed to TechRepublic.

News URL

https://www.techrepublic.com/article/sec-solarwinds-charge-fraud/

#ciso #cyberattack #fraud #SEC #solarwinds

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Solarwinds		56	33	105	80	50	268