SolarWinds is back in hot water after a shareholder lawsuit accused the company of poor security practices, which they say allowed hackers to break into at least nine U.S. government agencies and hundreds of companies.
The lawsuit said SolarWinds used an easily guessable password “solarwinds123” on an update server, which was subsequently breached by hackers “likely Russian in origin.” Former SolarWinds chief executive Sudhakar Ramakrishna, speaking at a congressional hearing in March, blamed the poor password on an intern.
There are countless cases of companies bearing the brunt from breaches caused by vendors and contractors across the supply chain.
…
