(Reuters) - A U.S. Securities and Exchange Commission investigation into the SolarWinds Russian hacking operation has dozens of corporate executives fearful information unearthed in the expanding probe will expose them to liability, according to six people familiar with the inquiry.
The SEC is asking companies to turn over records into "any other" data breach or ransomware attack dating back to October 2019 if they downloaded a bugged network-management software update from SolarWinds Corp, which delivers products used across corporate America, according to details of the letters shared with Reuters.
People familiar with the inquiry say the requests may reveal numerous unreported cyber incidents unrelated to the Russian espionage campaign, giving the SEC a rare level of insight into previously unknown incidents that the companies likely never intended to disclose.
"I've never seen anything like this," said a consultant who works with dozens of publicly traded companies that recently received the request. "What companies are concerned about is they don't know how the SEC will use this information. And most companies have had unreported breaches since then." The consultant spoke on condition of anonymity to discuss his experience.
An SEC official said the request's intent was to find other breaches relevant to the SolarWinds incident.
The SEC told companies they would not be penalized if they shared data about the SolarWinds hack voluntarily, but did not offer that amnesty...
Read Full Story: https://money.usnews.com/investing/news/articles/2021-09-10/wide-ranging-solarwinds-probe-sparks-fear-in-corporate-america
Your content is great. However, if any of the content contained herein violates any rights of yours, including those of copyright, please contact us immediately by e-mail at media[@]kissrpr.com.