SolarWinds is at the heart of what might be the most significant cybersecurity breach in U.S. history, as hackers used an exploit in its system to possibly access everything from the National Nuclear Security Administration to most of the U.S. Fortune 500.
What's new: The IT vendor is (belatedly) pushing back against suggestions that its two largest investors engaged in insider trading ahead of the hack revelations.
The history: Texas-based SolarWinds was taken private in 2016 for $4.5 billion by private equity firms Silver Lake and Thoma Bravo. It then completed an IPO in October 2018.
- In August 2020 SolarWinds announced plans to hire a new CEO.
- On Dec. 7, Silver Lake and Thoma Bravo sold around $315 million in SolarWinds stock to Canada Pension Plan Investment Board (CPPIB). The two firms retained equity positions and seats on the SolarWinds board of directors.
- On Dec. 8, U.S. cybersecurity company FireEye disclosed that it had been hacked, likely by a government.
- On Dec. 9, SolarWinds named its new CEO.
- On Dec. 14 came reports that both the U.S. Treasury and Commerce Departments had been hacked, with FireEye publicly identifying SolarWinds for the first time.
- SolarWinds on Dec. 14 acknowledged it "has been made aware" of the hack, but declined to say when. One day later, the Washington Post published a story questioning the stock sales.
All of which leads us to yesterday, when SolarWinds put more details on its calendar.
- Per an 8-K filing, SolarWinds says its CEO was first informed of the situation, by FireEye, on Dec. 12.
- SolarWinds doesn't say when the board, including Silver Lake and Thoma Bravo reps, were informed, but the implication is that it couldn't have been before the 12th. If so, the trades were clean and CPPIB simply has a case of awful luck, as SolarWinds stock is down 26% on the week.
In a statement, the private equity firms said: “Thoma Bravo and Silver Lake were not aware of this potential cyberattack at SolarWinds prior to entering into a private placement to a single institutional investor on 12/7.”
- A CPPIB spokesman declined to comment on if the system was aware of SolarWinds' CEO hire when closing its purchase.
The bottom line: Expect U.S. securities regulators to trust but verify.
Go deeper: Cyberhack looks like an act of war