Skip to main content

Slashdot: SolarWinds' Former CEO Blames Intern for 'solarwinds123' Password Leak

SolarWinds' Former CEO Blames Intern for 'solarwinds123' Password Leak
Published on February 28, 2021 at 03:04AM
"Current and former top executives at SolarWinds are blaming a company intern for a critical lapse in password security that apparently went undiagnosed for years," reports CNN. The password in question, "solarwinds123," was discovered in 2019 on the public internet by an independent security researcher who warned the company that the leak had exposed a SolarWinds file server... It is still unclear what role, if any, the leaked password may have played in enabling suspected Russian hackers to spy on multiple federal agencies and businesses in one of the most serious security breaches in U.S. history. Stolen credentials are one of three possible avenues of attack SolarWinds is investigating as it tries to uncover how it was first compromised by the hackers, who went on to hide malicious code in software updates that SolarWinds then pushed to some 18,000 customers, including numerous federal agencies. Other theories SolarWinds is exploring, said SolarWinds CEO Sudhakar Ramakrishna, include the brute-force guessing of company passwords, as well as the possibility the hackers could have entered via compromised third-party software. Confronted by Rep. Rashida Tlaib, former SolarWinds CEO Kevin Thompson said the password issue was "a mistake that an intern made... They violated our password policies and they posted that password on an internal, on their own private Github account," Thompson said. "As soon as it was identified and brought to the attention of my security team, they took that down...." Ramakrishna later testified that the password had been in use as early as 2017... That timeframe is considerably longer than what had been reported. The remarks were made at a hearing of a House security committee, where Representative Katie Porter also strongly criticized the company. "I've got a stronger password than 'solarwinds123' to stop my kids from watching too much YouTube on their iPad! You and your company were supposed to be preventing the Russians from reading Defense Department emails!" CNN also reports that Microsoft (which is leading the forensic investigation into the breach) "later said there is no evidence that the Pentagon was actually affected by the Russian spying campaign."

Read more of this story at Slashdot.

Comments

Popular posts from this blog

Slashdot: Spain-Backed Fund Joins FOSSA's Sovereign Satellite Communications Push

Spain-Backed Fund Joins FOSSA's Sovereign Satellite Communications Push Published on 2026-06-28T22:05:00Z Spanish startup FOSSA Systems "has raised about $10.5 million to expand its connectivity constellation," reports Space News, noting some funding is backed by Spain's government: The support from the Spanish Society for Technological Transformation (SETT) comes a year after the fund injected 14 million euros into Spain's Sateliot , which is also developing a satellite connectivity network with security and defense applications. Spanish private investment firm Kibo Ventures led FOSSA's funding round, the six-year-old venture announced June 24, bringing its total raised to date to nearly 20 million euros. The proceeds will help fuel FOSSA's push beyond the tiny picosatellites it once used to connect low-power monitoring devices toward larger cubesats in low Earth orbit, enabling additional sovereign communications and space-based intelligence capab...

Slashdot: AT&T Outlines $250 Billion US Investment Plan To Boost Infrastructure In AI Age

AT&T Outlines $250 Billion US Investment Plan To Boost Infrastructure In AI Age Published on 2026-03-10T20:00:00Z AT&T plans to invest more than $250 billion over the next five years to expand U.S. telecom infrastructure for the AI age. The company says it will also hire thousands of technicians while partnering with AST SpaceMobile to extend coverage to remote areas. Reuters reports: Rapid adoption of artificial intelligence, cloud computing and connected devices has prompted telecom operators to invest heavily in fiber and 5G networks as they also seek to fend off intensifying competition from cable broadband providers. AT&T, which has about 110,000 employees in the U.S., said the new hires will help build and maintain its infrastructure. The outlay includes capital expenditure and other spending, the company said. The spending will focus on expanding its fiber and wireless networks, including accelerating deployment of fiber broadband, 5G home internet and satellite co...