July 18, 2024 at 05:17PM
A judge has mostly dismissed a lawsuit by America’s financial watchdog against SolarWinds and its CISO for misleading investors about computer security practices and the backdooring of its Orion product after the SUNBURST attack. The judge ruled in favor of SolarWinds on post-SUNBURST claims but sustained the SEC’s securities fraud claims based on pre-SUNBURST statements.
From the meeting notes:
– The lawsuit brought by America’s financial watchdog against SolarWinds and its chief infosec officer accusing them of misleading investors about its computer security practices and the backdooring of its Orion product has mostly been thrown out by US federal district Judge Paul Engelmayer.
– The judge dismissed all the claims against SolarWinds related to what followed the SUNBURST attack, which involved a backdoor malware planted in the Orion product by Russian spies.
– The judge rejected the SEC’s allegations that SolarWinds underhandedly played down the cyberattack’s scope and severity to investors. However, he did sustain the regulator’s claims of securities fraud based on SolarWinds’ pre-SUNBURST statement about the security of its Orion product.
– SolarWinds has expressed pleasure at the judge’s largely dismissing the SEC’s claims, and they look forward to presenting their own evidence to refute the remaining claim.
– The SEC declined to comment on the judge’s opinion.
If you require further clarification on any specific point, please let me know.