SolarWinds, one of the biggest software companies in the world that handles thousands of companies and government agencies, was recently hacked.
There is still no report, indicating the intensity of the said massive cyberattack. However, The Verge noted that SolarWinds may have deleted the history of its client profiles on its website. But, why?
SolarWinds faces another issue
On Tuesday, Dec. 15, The Verge exclusively reported that SolarWinds has removed several client names and profiles on its website. This was after the said cyberattack was announced, over the weekend.
It shows there that the page was still live as of Monday morning (roughly 11 AM ET).
As a clarification, not all companies included on the SolarWinds original customers’ page were victims of the cyberattack.
In fact, the company only claims that at least 33,000 companies were possible victims of the attack. This was in comparison with its original user base of 330,000 companies.
The reason behind removing names
There are many reasons why SolarWinds may have removed the customers’ page of the company.
First off, their clients might have requested this to be removed, in order to maintain the integrity and security of their businesses.
The second possible reason is that the company might have realized that there could still be security risks once the names of their clients are flashed on the page.
After all, before the attack, SolarWinds bragged that more than 425 of the companies listed on the Fortune 500 as well as the top 10 telecom operators in the United States, were part of their company.
Which companies were hacked?
An unidentified team of hackers reportedly breach the company’s system, taking over information from both private and government agencies– being handled by the software company.
Two huge examples of the agencies were the United States’ Treasury Department and the Commerce Department’s National Telecommunications and Information Administration.
Both of these agencies were said to be victims of the said attack.
“We can confirm there has been a breach in one of our bureaus,” a Commerce spokesperson said. “We have asked CISA and the FBI to investigate, and we cannot comment further at this time.”
Aside from them, reports said that there might be other government agencies that experienced the same attack, though haven’t disclosed yet.
Who did it?
As reported via Tech Visibility, there are still no clear names on which group of hackers did the said crime.
FireEye, the cybersecurity firm investigating the incident, said that code name UNC2452 was the one behind the attack.
However, some reports still believed that highly-skilled Russian hackers APT29 or Cozy Bear should be responsible.
Since there were government agencies involved, the FBI and other state security experts are expected to handle the investigation.
So far, SolarWinds already updated its security features, which “replaces the compromised component and provides several additional security enhancements.”