SolarWinds 2020 Supply Chain Attack: US Government and Fortune 500 Compromised
Russian intelligence inserted a backdoor into SolarWinds updates installed by 18,000 organizations including major US government agencies.
Data Types Exposed
Response Timeline
September 2019: Initial access to SolarWinds build system
February 2020: Trojanized update deployed
December 8 2020: FireEye discovers its own compromise
December 13 2020: Public disclosure; emergency CISA directive
Detailed Analysis
The SolarWinds attack was one of the most sophisticated supply chain compromises in history. Russian SVR intelligence gained access to the software build system and inserted the SUNBURST backdoor into legitimate Orion platform updates. The attack went undetected for 9 months.
In the SolarWinds breach, 18,000 organizations installed the compromised update and ~100 were selectively targeted; the vector was a trojanized SolarWinds Orion update (SUNBURST backdoor) attributed to Russian SVR. Organizations named: US Treasury, Commerce, Homeland Security, State Department, DOE, NIH, Pentagon, Microsoft, Intel, Cisco. The incident highlights the ongoing challenges organizations face in protecting sensitive user data against increasingly sophisticated attack vectors. Security researchers have noted that breaches of this magnitude often result from a combination of technical vulnerabilities and organizational failures in security practices.
Current status: Attributed to Russian SVR intelligence (APT29); SEC charged SolarWinds CISO. Affected users should take immediate steps to protect their accounts, including changing passwords, enabling multi-factor authentication, and monitoring financial accounts for unauthorized activity. Filing a DSAR with SolarWinds can help you understand what data was exposed and request its deletion.
What To Do If Affected
- Change your password immediately on this service and any accounts using the same password
- Enable two-factor authentication on all critical accounts
- Monitor your credit reports for unauthorized activity
- Consider placing a credit freeze with major bureaus
- File a complaint with your local data protection authority
Frequently Asked Questions
How many records were affected in the SolarWinds breach?
In the SolarWinds breach, 18,000 organizations installed the compromised update and ~100 were selectively targeted. Data types exposed include: internal communications, source code, government email systems, network configurations.
What should I do if I was affected by the SolarWinds breach?
If you were affected, change your passwords immediately, enable two-factor authentication, monitor your credit reports, and consider placing a credit freeze. You can also submit a DSAR to SolarWinds requesting deletion of your data.
Is there compensation for SolarWinds breach victims?
Attributed to Russian SVR intelligence (APT29); SEC charged SolarWinds CISO. Check if a class action settlement exists and whether you are eligible to file a claim.