SEC Settles SolarWinds Fraud Case, Enforces Cybersecurity Improvements

SEC Settles SolarWinds Fraud Case, Enforces Cybersecurity Improvements

The U.S. Securities and Exchange Commission (SEC) and SolarWinds Corp. have reached a settlement in a federal lawsuit. The lawsuit alleged investor fraud and known cybersecurity vulnerabilities by SolarWinds, with charges announced against the company and its chief information security officer in October 2023.

The SEC alleged that SolarWinds and its CISO violated securities laws by concealing vulnerabilities and cyber events in regulatory filings and statements from its IPO in 2018 to December 2020. The settlement, details of which remain private, involves SolarWinds agreeing to pay a financial penalty and implement enhanced cybersecurity measures, including improved internal controls and monitoring.

A District Court Judge in the South District of New York granted a stay in the case to finalize the settlement. The settlement details are to be submitted by September 12, or the sides will provide a status update to the court.

The settlement comes following the high-profile SolarWinds cyberattack, linked to Russia, which was used to access the data of thousands of companies and government offices. The attack was considered one of the largest and most sophisticated at the time. The agreed-upon measures aim to strengthen SolarWinds' cybersecurity posture and prevent future incidents.

Read also:

• Man Survives 3,300-Meter Skydive Fall After Parachute Malfunction
• Fructose Market Forecasted to Exceed $8.1 Billion by 2034
• Automotive Updates: Wolfspeed, NVIDIA, ABB, and Veritone in Spotlight
• Senate Tillis under spotlight in North Carolina as IRA tax incentives remain uncertain