🔗💣

SolarWinds Security Incident

September 2019 - December 2020 2291 days ago Resolved

Incident Overview

Situation Description

The SolarWinds hack was an advanced supply-chain attack that compromised U.S. government agencies and private companies by infiltrating the Orion IT platform's software updates.

Event Types

Supply Chain Compromise Malware / Destructive Attack

Industry Sector

Technology

Geographic Scope

Global

Response Actions

Took Systems or Services Offline Deployed Emergency Patches Notified Affected Individuals & Entities Managed Public Narrative & Crisis Communications

Impact Analysis

Event Types (2 identified)

Supply Chain Compromise Malware / Destructive Attack

Financial Impact

$0 USD

Records Affected

Data Types Compromised

Operational / System Data

Primary Impacts

Operational Disruption Reputational Damage

Key Decisions Made

SolarWinds is informed of the attack and discloses the details to customers.; The Cybersecurity and Infrastructure Security Agency (CISA) orders federal agencies to power down SolarWinds Orion.; SolarWinds releases software fixes and patches to update affected programs.

Technical Analysis

Attack Method

Third-Party Compromise

Threat Actor Attribution

SolarWinds

Vulnerability / Tool

SolarWinds Orion

Additional Information

Quick Facts

Company:: SolarWinds
Date:: September 2019 - December 2020
Status:: Resolved
Decision Maker:: nan
Position:: nan
Published:: 12/04/2023

Source Information

Original Query

timeline of company actions after discovering ransomware

View Original Source

Timeline

Information Published

12/04/2023

Incident Occurred

September 2019 - December 2020 (2291 days ago)

Status: Resolved

Estimated resolution based on age

Actions

View Company Profile

Navigation

Quick Stats