The Washington Post
Breached firm Solarwinds faces SEC inquiry after stock sales
Solarwinds, the Texas-based company whose software was breached in a major Russian cyberattack, said in a recent filing that it is cooperating with an inquiry by the Securities and Exchange Commission.
In its annual report to investors, Solarwinds said there are “numerous” government investigations underway related to the cyber intrusion, including by the SEC, the Justice Department and state attorneys general. “We are cooperating and providing information in connection with these investigations and inquiries,” the company said in its filing.
Relatively unknown just a few months ago, Solarwinds has been in the hot seat since hackers exploited vulnerabilities in its software to breach at least nine government agencies and about 100 companies. Members of Congress recently questioned Solar-Winds chief executive Sudhakar Ramakrishna about whether private companies like his can be trusted to protect the country from future attacks.
The SEC probe, which had not been disclosed previously, comes after the largest investors in Solarwinds sold $315 million in shares of the company days before the hack was revealed. The investor group avoided losses of more than $100 million, while the buyer, Canada’s largest pension fund, saw the value of its new shares decline more than 40 percent in the days after the cyberattack became public.
A former SEC enforcement official told The Washington Post in December that, based on publicly known information, the stock sales would probably be investigated by the securities regulator. The former official, Jacob S. Frenkel, said the SEC would try to determine whether the investors withheld information before unloading their stakes in Solarwinds.
A spokesman for Solarwinds declined to comment beyond the filing. The SEC did not respond to a request for comment.
The stock sale was led by private equity firms Silver Lake and Thoma Bravo, which together own 70 percent of Solarwinds and control six of the company’s board seats. Their ownership gives them access to key information and makes their stock trades subject to federal rules around financial disclosures.
Solarwinds, Silver Lake and Thoma Bravo have all said they first learned of the security breach after the agreement was reached. Spokesmen for Silver Lake and Thoma Bravo declined to comment on the SEC inquiry.
Michel Leduc, a senior managing director at the Canada Pension Plan Investment Board (CPPIB), previously said he thought “no one was aware of the hack leading to our capital commitment” but said his firm was assessing the circumstances of the deal “for optimal certainty.”
A spokesman for the CPPIB did not respond to a request for comment.
Federal agencies affected by the recent Russian hacking include the departments of State, Justice, Treasury, Energy, Commerce and Homeland Security, as well as the National Institutes of Health, NASA and the Federal Aviation Administration, The Post has reported. In all cases, officials have said, the data stolen was unclassified and no operational systems were breached.