
Search results for: "Solarwinds"


25 mentions found


The hackers also targeted prominent Democrats including the staff of Senate Majority Leader Chuck Schumer, another source briefed on the matter told CNN. There are no indications anyone was able to access data related to Jared Kushner or his devices, a person familiar with the matter told CNN. The Trump campaign is operating under the assumption that the hackers could still have access to the phone communications they targeted that belong to Trump and Vance, two of the sources said. Given how pervasive the Chinese hacking campaign has been in US telecom networks, some US allies are checking their own computer networks for signs of compromise. The ongoing Chinese hacking campaign means that the next administration — whether Trump or Harris wins — will likely inherit another major cybersecurity incident with big implications for national security.
Persons: Eric Trump’s, Jared Kushner’s, Donald Trump’s, Trump, JD Vance, Harris, Walz, Chuck Schumer, Eric Trump, Kushner, , , Eric’s, Lara, Ivanka Trump, Kamala, Biden, Jared Kushner, Vance, ” Sen, Mark Warner, , Joe Biden, Ted Barrett, Natasha Bertrand, Kaitlan Collins, Kristen Holmes Organizations: CNN, Republican, Democratic, FBI, The New York Times, AT, Verizon, Trump, Investigators, Justice Department, Department of Justice, Huawei, Republican National Committee, Embassy, US, Infrastructure Security Agency, Wall Street Journal, Washington Post, Department of Homeland Security, DHS, Virginia Democrat Locations: Beijing, China, Washington ,, People’s Republic of China, United Kingdom
Delta Air Lines is gearing up to demand money following an outage that sent the world, including the airline, into chaos. The carrier hired star attorney David Boies to seek damages from CrowdStrike and Microsoft for the July 19 computer outage that forced Delta to cancel about 6,000 flights, CNBC reported on Monday. While no lawsuit has been filed, Delta plans to seek compensation from CrowdStrike and Microsoft, CNBC reported. Even individuals hoping to seek damages from CrowdStrike through proposed class action lawsuits may have little luck. Between customer agreements that favor CrowdStrike and SolarWinds largely beating the SEC, CrowdStrike stands a good chance in court, Sanchez said.
Persons: , David Boies, Delta, Boies, Elizabeth Holmes, Al Gore, Boies Schiller, CrowdStrike, Elizabeth Burgin Waller, Woods Rogers, Mauricio Sanchez, Sanchez, SolarWinds, Andrew Selbst, Selbst Organizations: Service, Lines, Microsoft, CNBC, Business, Delta, Analysts, Bloomberg, CrowdStrike's Falcon, Dell'Oro, Fierce, Securities and Exchange, SEC, UCLA School of Law, Harvard Law, Federal Trade Commission, FTC Locations: CrowdStrike, Delta, Texas
New York CNN — The world learned relatively quickly that cybersecurity firm CrowdStrike was behind a crippling global tech outage on Friday. Billion-dollar bill: Experts largely agree it’s too early to get a firm handle on the price tag for Friday’s global internet breakdown. His firm estimates that a recent hack of CDK Global, a software firm that serves US car dealerships, reached that $1 billion cost mark. It’s also not clear how many customers CrowdStrike might lose because of Friday. It will be difficult, and not without additional costs, for many customers to switch from CrowdStrike to a competitor.
Persons: CrowdStrike, , you’re, Dan Ives, it’s, Patrick Anderson, Anderson, Harry Reid, Ty ONeil, , James Lewis, Lewis, It’s, Wedbush Securities ’, ” Ives, George Kurtz, ’ ”, Eric O’Neill Organizations: New, New York CNN, CNN, Wedbush Securities, Anderson Economic Group, Harry, Harry Reid International Airport, Microsoft, Center for Strategic, International Studies, SolarWinds, Exchange Commission, CNBC Locations: New York, Michigan, Russian, CrowdStrike
But, according to the cybersecurity company's terms and conditions, CrowdStrike doesn't have to shell out anything more than a simple refund. The terms for CrowdStrike's Falcon security software — which is used by companies and government agencies around the world — limit liability to "fees paid." That means CrowdStrike users who signed the standard terms and conditions can't expect to get more than a refund from the company, Waller said. Bigger companies using CrowdStrike's software — like some of the airlines or hospital chains affected — may have negotiated different terms and conditions contracts with the cybersecurity company. According to Waller, most cyber insurance companies have policies that cover "contingent business interruption" or "dependent business interruption."
Persons: , Elizabeth Burgin Waller, Woods, Waller, CrowdStrike didn't, I've, CrowdStrike, We've, SolarWinds, Paul Engelmayer Organizations: Service, CrowdStrike's Falcon, Business, CrowdStrike, Woods Rogers, CrowdStrike's, SEC, Securities and Exchange Commission Locations: Manhattan, Russian
How the world’s tech crashed all at once
2024-07-19 | by Sean Lyngaas | edition.cnn.com | time to read: +4 min
CNN — When computers and tech systems around the world went down Friday, snarling airports, closing Social Security offices and limiting jail operations, many people had one question: How on Earth could this happen in 2024? CrowdStrike is everywhere: Numerous Fortune 500 companies use CrowdStrike’s cybersecurity software to detect and block hacking threats. Computers running Microsoft Windows — one of the most popular software programs in the world — crashed because of the faulty way a code update issued by CrowdStrike is interacting with Windows. Anne Neuberger, a senior White House tech and cybersecurity official, spoke of the “risks of consolidation” in the tech supply chain when asked about the IT outage on Friday. The infamous hack of the US government using SolarWinds software in 2020, which US officials blamed on Russia, came through a tampered software update.
Persons: Costin, CrowdStrike, Munish Walther, Puri, , ” Walther, Anne Neuberger, ” Neuberger, ” Tobias Feakin Organizations: CNN, CrowdStrike, Windows, White House, Aspen Security Locations: New York, Russia, Russian
Washington CNN —Microsoft committed a “cascade” of “avoidable errors” that allowed Chinese hackers to breach the tech giant’s network and later the email accounts of senior US officials last year, including the secretary of commerce, a scathing US government-backed review of the incident has found. In particular, the review board faulted Microsoft (MSFT) for not adequately protecting a sensitive cryptographic key that allowed the hackers to remotely sign into their targets’ Outlook accounts by forging credentials. The hackers downloaded about 60,000 emails from the State Department alone, department spokesman Matthew Miller has said. Microsoft has “mobilized our engineering teams to identify and mitigate legacy infrastructure, improve processes, and enforce security benchmarks,” the statement continued. Russian hackers allegedly infiltrated software made by US firm SolarWinds to steal emails from US government agencies in 2020.
Persons: , Joe Biden, , China Nicholas Burns, Antony Blinken, Matthew Miller, Gina Raimondo, Raimondo, Cory Simpson, ” Simpson Organizations: Washington CNN, Microsoft, US, Department of Homeland Security, CNN, State Department, Institute, Infrastructure Technology Locations: Washington, China, Russia
CNN —Russian state-backed hackers gained access to some of Microsoft’s core software systems in a hack first disclosed in January, the company said Friday, revealing a more extensive and serious intrusion into Microsoft’s systems than previously known. Hackers with access to source code can use it for follow-on attacks on other systems. Microsoft first revealed the breach in January, days before another Big Tech company, Hewlett Packard Enterprise, said the same hackers had breached its cloud-based email systems. The hacking group was behind the infamous breach of several US agency email systems using software made by US contractor SolarWinds, which was revealed in 2020. US officials have attributed the hacking group to Russia’s foreign intelligence service.
Organizations: CNN, Microsoft, US Securities and Exchange Commission, Big Tech, Hewlett Packard Enterprise, Kremlin, SolarWinds, Homeland Security, SEC Locations: Russian, Russia
BOSTON (AP) — Hewlett Packard Enterprise disclosed Wednesday that suspected state-backed Russian hackers broke into its cloud-based email system and stole data from cybersecurity and other employees. It said it believed the hackers were from Cozy Bear, a unit of Russia's SVR foreign intelligence service. It said the Russian hackers accessed accounts of senior Microsoft executives as well as cybersecurity and legal employees. Company spokesman Adam R. Bauer, reached by email, would not say who informed HPE of the breach. “We're not sharing that information at this time.” Bauer said the compromised email boxes were running Microsoft software.
Persons: Cozy Bear, , Adam R, Bauer, HPE, We're, ” Bauer, ” HPE Organizations: BOSTON, Hewlett Packard Enterprise, Securities and Exchange, Microsoft, SharePoint, . Securities, Exchange, Hewlett, Packard Inc Locations: Russian, Redmond, Washington, U.S, Europe, Spring , Texas
Antonio Neri, president and chief executive officer of Hewlett Packard Enterprise (HPE), speaks during the HPE Discovery CIO Summit in Las Vegas, Nevada, U.S., on Tuesday, June 19, 2018. HPE said that it is still investigating the hack, which it believes was related to another incident that occurred in June 2023. During that event, the hackers managed to compromise "a limited number of SharePoint files as early as May 2023," HPE wrote in the filing. "Upon undertaking such actions, we determined that such activity did not materially impact the Company." In 2020, this same Russian intelligence-linked hacking group also conducted the infamous breach of government supplier SolarWinds.
Persons: Antonio Neri, Hewitt, Bridget Bennett, Bear, HPE Organizations: Enterprise, Bloomberg, Getty, Hewlett Packard Enterprise, Microsoft, SolarWinds Locations: Las Vegas , Nevada, U.S, Russian
Microsoft's hacking disclosure could be a challenge for its $20 billion-a-year cybersecurity franchise but bullish news for fellow portfolio name and rival Palo Alto Networks. Microsoft stock was trading modestly lower Monday but has climbed more than 5% since the start of 2024 following last year's 56% gains. Microsoft's cybersecurity incident doesn't leave us any less bullish on the mega-cap name. While its cybersecurity business pulls in about $20 billion in annual sales, Microsoft's revenue jumped 7% in 2023 to nearly $212 billion. The Securities and Exchange Commission's (SEC) new disclosure rules around cybersecurity attacks could be another catalyst for Palo Alto, Jim added.
Persons: hasn't, Nobelium, Jim Cramer, Jim, Palo, Exchange Commission's, Nikesh Arora, Estee Lauder, Clorox, Okta, Jim Cramer's, Satya Nadella, Justin Sullivan Organizations: Microsoft, Palo Alto Networks, Wall, SolarWinds, Apple, JPMorgan, Securities, Exchange, SEC, Palo Alto, Corporations, Palo, CNBC, MGM Resorts, Caesars Entertainment Locations: Russian, Palo, Palo Alto, Davos, Switzerland, San Francisco
In a Monday interview with CNBC's Jim Cramer, CrowdStrike CEO George Kurtz discussed Microsoft's high-profile security breach by a Russian intelligence group, saying these adversaries have a determined "low and slow" approach to hacking that's especially tough to beat. Thought to be part of the Russian foreign intelligence service SVR, Nobelium is also known as Midnight Blizzard and Cozy Bear. Nobelium has tried to breach the systems of U.S. allies as well as the Department of Defense. He said CrowdStrike uses its algorithms to string together these "low signals" and identify such adversaries. Kurtz added that CrowdStrike has been able to stop the group in the past, saying that some of Microsoft's customers seek additional support from his company.
Persons: CNBC's Jim Cramer, George Kurtz, Cozy Bear, Kurtz, it's, Nobelium, CrowdStrike Organizations: Microsoft, Nobelium, Midnight, Cozy, Department of Defense, SolarWinds Locations: Russian, U.S, China
Microsoft said on Friday that its security systems were breached by a Russian hacking group. Microsoft identified the group as Midnight Blizzard, which was behind the SolarWinds cyberattack. Microsoft said Friday that its systems were breached by Russian hackers who accessed a "very small percentage" of corporate email accounts. The attack was launched by Midnight Blizzard — the seasoned Russian hacking group behind the massive 2020 attack on US information technology firm SolarWinds, which exposed sensitive information in the US federal government. But federal investigators said they found evidence the hackers accessed Microsoft Office 365.
Persons: Organizations: Microsoft, Midnight, Service, Midnight Blizzard, Initiative Locations: Russian, China
CNN — A Russian hacking group gained access to some email accounts of Microsoft senior leaders, the software giant disclosed in a regulatory filing Friday afternoon. “Microsoft has identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor also known as Nobelium.” Nobelium, notably, is the same group responsible for the infamous SolarWinds breach back in 2020. Microsoft said it is in the process of notifying employees whose email was accessed. There is currently no evidence that the hackers had any access to customer environments or AI systems, Microsoft said. Microsoft systems have been the target of multiple recent high-profile hacking efforts.
Persons: ” Nobelium, SolarWinds, Organizations: CNN, Microsoft, Midnight Blizzard, Hackers, Midnight, Federal Bureau of Investigation, Infrastructure Security Agency Locations: Russian
It said the same highly skilled Russian hacking team behind the SolarWinds breach was responsible. “A very small percentage” of Microsoft corporate accounts were accessed, the company said, and some emails and attached documents were stolen. A company spokesperson said Microsoft had no immediate comment on which or how many members of its senior leadership had their email accounts breached. In a regulatory filing Friday, Microsoft said it was able to remove the hackers' access from the compromised accounts on or about Jan. 13. After gaining a foothold, they used the account's permissions to access the accounts of the senior leadership team and others.
Persons: Organizations: BOSTON, , Microsoft, . Securities, Exchange, SEC, Google, Cozy, Justice, Treasury Locations: — State, Russian, Redmond , Washington, U.S, Europe
Microsoft said in a Friday regulatory filing that a Russian intelligence group accessed some of the software maker's top executives' email accounts. The company said a group called Nobelium carried out the attack, which it detected last week. Microsoft and the U.S. government consider Nobelium to be a part of the Russian foreign intelligence service SVR. The hacking group was responsible for one of the most prolific breaches in U.S. history, when it breached government supplier SolarWinds in 2020. It was also implicated alongside another Russian hacking group in the 2016 breach of the Democratic National Committee's systems.
Persons: Amy Hood, Brad Smith, Satya Nadella, Nobelium Organizations: Microsoft, Infrastructure Security Agency, U.S, SolarWinds, Department of Defense, Democratic National Locations: Russian, U.S
Most experts agree that, regardless of the lawsuit’s outcome, it could affect how companies handle cybersecurity risks. In July, the agency adopted new cybersecurity disclosure requirements set to take effect in December. They require companies to report material attacks within four days and to make yearly disclosures about their cybersecurity risk management, strategy and governance. In a June speech, the S.E.C.’s enforcement director, Gurbir Grewal, said it had “zero tolerance for gamesmanship” around cybersecurity disclosures. No CISO can now risk basically painting an unrealistically positive picture of cybersecurity.”
Persons: Gurbir Grewal, ” Wolff, , Ramakrishna, it’ll, , Jake Williams, CISOs Organizations: cybersecurity
"We allege that, for years, SolarWinds and Brown ignored repeated red flags about SolarWinds' cyber risks, which were well known throughout the company," SEC enforcement director Gurbir Grewal said in a press release. SolarWinds went public in 2018, and made only "generic" disclosures about cybersecurity risk in both its prospectus and in continued filings, the complaint said. However, the SEC alleged that SolarWinds and Brown knew that the company's cybersecurity practices were weak, pointing to an internal presentation from Brown that was made the same month SolarWinds went public. It appears to be one of the first times the SEC has alleged a company misled and defrauded investors over cybersecurity risks. In reality, Brown knew that the company was not following those best practices, the SEC alleged.
Persons: SolarWinds, Tim Brown, Brown, Gurbir Grewal, weren't, Solarwinds, Kevin Thompson, Sudhakar Ramakrishna, Mr, Alec Koch Organizations: SolarWinds Corp, New York Stock Exchange, Securities and Exchange Commission, SEC, software, Orion, unf, Regulators, MGM Resorts, CNBC Locations: New York, U.S, Russian, Clorox, SolarWinds
An attorney for SolarWinds calls the SEC’s lawsuit ‘overreach.’ Photo: sergio flores/Reuters. The Securities and Exchange Commission on Monday sued SolarWinds, the software company victimized by Russian-linked hackers over three years ago, alleging the firm defrauded shareholders by repeatedly misleading them about its cyber vulnerabilities and the ability of attackers to penetrate its systems. The SEC’s lawsuit is a milestone in its evolving attempt to regulate how public companies deal with cybersecurity. A hack that steals business secrets or customer data often pummels the victim company’s stock price, showing why firms with public shareholders have to accurately disclose such threats, the SEC says. The regulator recently imposed stricter cybersecurity reporting rules for public companies.
Persons: , sergio flores, SolarWinds Organizations: , Reuters, Securities, Exchange Commission, Monday, cybersecurity, SEC
U.S. regulators on Monday sued SolarWinds, a Texas-based technology company whose software was breached in a massive 2020 Russian cyberespionage campaign, for fraud for failing to disclose security deficiencies ahead of the stunning hack. Detected in December 2020, the SolarWinds hack penetrated U.S. government agencies including the Justice and Homeland Security departments, and more than 100 private companies and think tanks. Koch added that “we look forward to defending his reputation and correcting the inaccuracies in the SEC’s complaint." Brown's current title at SolarWinds is chief information security officer. Capitalizing on the supply-chain hack, the Russian cyber operators then stealthily penetrated select targets including about a dozen U.S. government agencies and prominent software and telecommunications providers.
Persons: SolarWinds, Tim Brown, Brown, Alec Koch, Koch, Gurbir S, Grewal, , , Biden, Chad Wolf Organizations: Securities and Exchange Commission, Justice and Homeland Security, SEC, Fortune, New, Homeland Locations: Texas, Russian, New York, SolarWinds, cyberattacks, Austin , Texas, North America, Europe, Asia
Chinese hackers accessed the Microsoft-powered email accounts of top China envoys, Commerce Secretary Gina Raimondo, and Secretary of State Antony Blinken. Wyden asked that the Justice Department examine whether Microsoft had violated federal law through its negligence; that CISA examine whether Microsoft violated best practices for securing the highly sensitive "skeleton key;" and that the Federal Trade Commission examine whether Microsoft violated federal privacy statutes. Both the State Department and the Commerce Department were targeted by Chinese hackers. Wyden noted it wasn't the first time that a foreign government had hacked government agencies by exploiting Microsoft vulnerabilities. Both Microsoft and federal officials have disclosed relatively little about the hack, though Microsoft has disseminated additional information and made concessions to customers to mitigate the impact of the exploitation.
Persons: Sen, Ron Wyden, Joe Biden's, Gina Raimondo, Antony Blinken, Wyden, Merrick Garland, Lina Khan, Jen Organizations: Democratic, Finance, Justice Department, Microsoft, Federal Trade Commission, Infrastructure Security Agency, Google, FTC, State Department, Commerce Department, Department's Locations: Washington, China
Victims of Cyberattack on File-Transfer Tool Pile Up
2023-07-19 | by Catherine Stupp | www.wsj.com | time to read: +6 min
The list of companies hit by a cyberattack on a widely used software tool continues to expand and several victims have filed lawsuits alleging mishandling of data. The continued disclosure of new victims affected by hackers exploiting a vulnerability in MoveIt, a common file-transfer tool from Progress Software, underscores how cyberattacks can ripple through supply chains. Some companies have been drawn into data breaches without having used MoveIt because their business partners use it. The Cl0p ransomware group has taken responsibility for the cyberattacks and posted data from some victims on its underground website. A 2021 cyberattack on a tool similar to MoveIt—Accellion’s File Transfer Appliance—had similar ripple effects.
Persons: , Brett Callow, cyberattacks, Callow, Genworth, PBI, , Shell, Rob Carr, Suzie Squier, Johns, Johns Hopkins, Emsisoft’s Callow, Catherine Stupp Organizations: Progress Software, . Progress, Progress, Shell, BBC, Energy Department, Genworth Financial, Social, PBI Research Services, U.S . Department of Health, Human Services, Colorado State University, BG Group, Johns Hopkins University, Getty Locations: British, MoveIt, Kaseya, Johns Hopkins
It can boost security, especially for small organizations that lack the resources to run their own IT or security departments. But competitors squeezed by Microsoft's security offering are sounding the alarm over how wide swaths of industry and government were effectively putting all their eggs in one basket. Adair said he understood that Microsoft wanted to make money from its premium security product. He noted that the hackers - which Microsoft nicknames Storm-0558 - were caught only because someone at the State Department with access to Microsoft's top-of-the-line logging noticed an anomaly in their forensic data. "Having Microsoft further empower customers and security companies so they can work together is probably the best way," Adair said.
Persons: Steven, Adair, Gina Raimondo, Microsoft, Ron Wyden, Redmond, Adam Meyers, CrowdStrike, Raphael Satter, Matthew Lewis Organizations: Microsoft, NASA, Reuters, U.S, State Department, Storm, Thomson Locations: cyberdefense, U.S, Washington
Chinese hackers intent on collecting intelligence on the United States gained access to government email accounts, Microsoft disclosed on Tuesday night. In a blog post, Microsoft said about 25 organizations, including government agencies, had been compromised by the hacking group, which used forged authentication tokens to get access to individual email accounts. Hackers had access to at least some of the accounts for a month before the breach was detected, Microsoft said. The new intrusion involved far fewer email accounts and did not go as deep into the targeted systems, Microsoft officials said. Nevertheless, having access to government email for a month before being detected could allow the hackers to learn information useful to the Chinese government and its intelligence services.
Organizations: United, Microsoft Locations: United States
SolarWinds executives receive Wells notice from US SEC
2023-06-23 | www.reuters.com | time to read: +1 min
June 23 (Reuters) - SolarWinds (SWI.N) said on Friday that some of its former and current executives had been issued a Wells notice by the U.S. Securities and Exchange Commission over a massive cyberattack in 2020 that the software firm was tied to. While a Wells notice does not necessarily mean the recipients have violated any law, the SEC issues the letter to firms when it is planning to bring an enforcement action against them. The company was at the center of a cybersecurity crisis in December 2020, after hackers compromised SolarWinds software updates and used them to access data of thousands of companies and government offices that used its products. In November last year, the SEC had recommended an enforcement action against the software firm over its public statements on cybersecurity and procedures governing such disclosures. Reporting by Samrhitha Arunasalam in Bengaluru; Editing by Maju Samuel
Persons: Samrhitha, Maju Samuel Organizations: U.S . Securities, Exchange Commission, SEC, Thomson Locations: U.S, Russia, Bengaluru
The US Securities and Exchange Commission has informed current and former SolarWinds executives that it intends to recommend “civil enforcement action” alleging the company broke federal securities laws in its public statements and “internal controls” related to the hack, SolarWinds said in a filing with regulators on Friday. The SEC notice is an indication that US regulators are moving closer to bringing a civil lawsuit against SolarWinds that could result in fines or other penalties. For several months in 2020, hackers used software made by SolarWinds and other technology firms to burrow into US government agencies and corporate victims in an apparent spying campaign. After the hack became public, US lawmakers demanded answers from federal cybersecurity officials on why the hackers were undetected for so long, as well as criticized SolarWinds for its security practices prior to the hack. But SolarWinds says it has instituted numerous security reforms in the years since the hack, and has pushed that message of reform in public appearance with federal officials.
Persons: SolarWinds, , Biden, , , Sudhakar Ramakrishna, SolarWinds “, ” Ramakrishna Organizations: CNN, US Securities and Exchange, Justice, Homeland Security, SEC Locations: Russian, ” Austin , Texas, Moscow
Total: 25