Breached software faces SEC inquiry after insider stock sales
SolarWinds, the Texasbased company whose software was breached in a major Russian cyberattack, said in a filing Monday it is cooperating with an inquiry from the Securities and Exchange Commission.
In its annual report to investors, SolarWinds said there are “numerous” government investigations underway related to the cyber intrusion, including by the SEC, the Justice Department and state attorneys general. “We are cooperating and providing information in connection with these investigations and inquiries,” the company said in its filing.
Relatively unknown just a few months ago, SolarWinds has been in the hot seat since hackers exploited vulnerabilities in its software to breach at least nine government agencies and about 100 companies. Last week, members of Congress questioned SolarWinds chief executive Sudhakar Ramakrishna about whether private companies like his can be trusted to protect the country from future attacks.
The SEC probe, which had not been disclosed previously, comes after the largest investors in SolarWinds sold $315 million in shares of the company days before the hack was revealed. The investor group avoided losses of more than $100 million, while the buyer, Canada’s largest pension fund, saw the value of its new shares decline more than 40% in the days after cyberattack became public.
A former SEC enforcement official told The Washington Post in December that, based on publicly known information, the stock sales would probably be investigated by the securities regulator. The former official, Jacob Frenkel, said the SEC would try to determine whether the investors withheld information about the possibility of a hack before unloading their stakes in SolarWinds. He said such a probe could take as long as a year.
A spokesman for SolarWinds declined to comment beyond the filing, which did not specify what the SEC was looking into. The SEC did not respond to a request for comment.
The stock sale was led by private equity firms Silver Lake and Thoma Bravo, which together own 70% of SolarWinds and control six of the company’s board seats. Their ownership gives them access to key information and makes their stock trades subject to federal rules around financial disclosures.
SolarWinds, Silver Lake and Thoma Bravo have all said they first learned of the security breach after the agreement was reached. Spokesmen for Silver Lake and Thoma Bravo declined to comment on the SEC inquiry.