Investors in SolarWinds have sued the software company’s directors, alleging they were aware of and failed to monitor the company for cybersecurity risks that created a vulnerability in the systems of thousands of its customers.
The lawsuit filed in Delaware on Thursday appears to be the first since Reuters sought from the company based on record shareholders informed of Last December, malicious code inserted in one of the company’s software updates exposed US government agencies and companies.
The lawsuit names a mix of current and former directors as defendants.
a orion The spokesperson said the company does not comment on pending litigation, but noted that it remains focused on “deepening” customer relationships and “openly discussing our Secure Buy Design initiative to set the standard for secure software development.” Still working.”
Led by the Missouri Pension Fund, investors allege that the board failed to implement procedures to monitor cybersecurity risks, such as requiring the company’s management to regularly report on those risks.
They are seeking damages on behalf of the company and reforming the company’s policies on cyber security oversight.
The lawsuit is the latest fallout over a breach of SolarWinds’ software, which gave hackers access to data from thousands of companies and government offices that used its products and which US officials have attributed to Russia.
SolarWinds has said it is cooperating with an investigation into the breach by the US Securities and Exchange Commission, the Justice Department and others. The company has moved to dismiss another shareholder lawsuit seeking damages for the drop in its share price.
© Thomson Reuters 2021