SolarWinds Data Breach

18K records exposed • March 2020

Russian hackers snuck into SolarWinds, a company that makes software used by thousands of organizations. They poisoned the software updates, so when companies installed updates, they also installed Russian spy tools.

What Happened

Russian state actors compromised SolarWinds' Orion software build process, inserting a backdoor into updates sent to 18,000 organizations including US government agencies.

Attack method: Supply chain compromise

What Data Was Exposed

Network access, System configurations, Sensitive government data

What to Do If You're Affected

  1. Check if Orion versions 2019.4-2020.2.1 were installed
  2. Follow CISA emergency directive ED 21-01
  3. Assume breach and conduct threat hunting

Lessons for Businesses

  • Supply chain attacks can affect thousands of organizations
  • Build processes need integrity verification
  • Nation-state actors have long-term patience
