SolarWinds investors have sued the computer software firm’s directors, alleging they understood about and failed to keep track of cybersecurity hazards to the firm ahead of a breach that established a vulnerability in hundreds of its customers’ programs.
The lawsuit filed in Delaware seems to be the very first primarily based on records shareholders demanded from the firm just after Reuters documented final December that malicious code inserted into a person of the firm’s computer software updates remaining US federal government organizations and companies uncovered.
The lawsuit names a combine of recent and previous directors as defendants.
A SolarWinds spokesperson stated the firm does not comment on pending litigation, but famous it is centered on “deepening” consumer relationships and “overtly talking about our Protected by Style and design initiatives as we seem to established the common for secure computer software development.”
Led by a Missouri pension fund, the investors allege that the board failed to put into action processes to keep track of cyber safety hazards, these kinds of as requiring the firm’s management to report on those people hazards often.
They are looking for damages on behalf of the firm and to reform the firm’s insurance policies on cyber safety oversight.
The lawsuit is the hottest fallout about the breach of SolarWinds’ computer software, which gave hackers accessibility to the facts of hundreds of companies and federal government workplaces that utilised its goods and which US officers have attributed to Russia.
SolarWinds has stated it is cooperating with investigations into the breach by the US Securities and Exchange Commission, Department of Justice and some others.
The firm has moved to dismiss one more shareholder lawsuit looking for damages for a decline in its share selling price.