SolarWinds removed a list of notable clients from its website following a massive hack. The list is hosted on the Customers page of the company’s website and is easily accessible With Google Cache. But the page was Delete from the site itself, Which indicates that the company may try to hide its customers in an effort to protect them from bad advertising. Google’s cache shows that the page was still around as of Monday morning (around 11 AM ET). SolarWinds did not respond to a request for clarification.
SolarWinds continues to suffer from a large-scale Russia-linked hack that was reported on Sunday, which affected a host of government agencies and private companies. The hack was reportedly carried out by hacking SolarWinds’ Orion IT product, using Orion’s update system to spread the malicious code. As organizations scramble to determine who might be vulnerable, the list of organizations using Orion IT is the best guide many have.
The list of vulnerable companies is much smaller than SolarWinds’ overall customer list, so just appearing on the list doesn’t mean the company is affected. SolarWinds claims only 33,000 companies use the Orion product, compared to its total customer base of 330,000. Of its 33,000, the company estimates that fewer than 18,000 have been directly affected by a malicious update, and the list of directly targeted companies is likely smaller. However, much remains unknown about the attack, and it is likely that no additional compromises have been discovered yet.
SolarWinds’ comprehensive customer list includes a wide range of critical organizations. Before its removal, the page boasted of a wide range of customers, including more than 425 Fortune 500 companies as well as the 10 largest telecom operators in the United States. In an article on MondayAnd the The The New York Times A number of organizations cited as weak that were not mentioned on the public client page, including Boeing and Los Alamos National Laboratory.
Other organizations have been wary of its exposure, even within the federal government. Several news outlets reported that the breach affected the Department of Homeland Security, but the ministry did not release any official statement regarding its disclosure.
The chaos has been exacerbated by the departure of Christopher Krebs, a federal cybersecurity executive, who has been sacked as director of the Internet Security and Infrastructure Agency (CISA) after contradicting President Trump’s unfounded allegations of election interference.
according to Politico Transfer, The growing scale of the crisis pushed CISA resources to breaking point. As one official said Politico“Many agencies don’t know how to catch fire yet.”