The lawsuit filed in Delaware on Thursday appears to be the
first based on records shareholders demanded from the company after Reuters
reported last December that malicious code inserted into one of the company's
software updates left U.S. government agencies and companies exposed.
The lawsuit names a mix of current and former directors as
defendants.
A SolarWinds spokesperson said the company does not comment
on pending litigation, but noted it is focused on "deepening"
customer relationships and "openly discussing our Secure by Design
initiatives as we look to set the standard for secure software development."
Led by a Missouri pension fund, the investors allege that
the board failed to implement procedures to monitor cybersecurity risks, such
as requiring the company's management to report on those risks regularly.
They are seeking damages on behalf of the company and to
reform the company's policies on cybersecurity oversight.
The lawsuit is the latest fallout over the breach of
SolarWinds' software, which gave hackers access to the data of thousands of
companies and government offices that used its products and which U.S.
officials have attributed to Russia.
SolarWinds has said it is cooperating with investigations into the breach by the U.S. Securities and Exchange Commission, Department of Justice and others. The company has moved to dismiss another shareholder lawsuit seeking damages for a decline in its share price. -Reuters
0 comments:
Post a Comment