SEC Drops Remaining Claims Against SolarWinds Over 2020 Hack

The company called the dismissal a ‘vindication’ of its efforts to fight the high-profile litigation.

SolarWinds said Thursday that it has received “vindication” from a U.S. Securities and Exchange Commission decision to drop remaining litigation against the company and its security chief over a widely felt 2020 hack.

“We are clearly delighted with the dismissal of the case against SolarWinds and our CISO, Tim Brown,” the company said in a statement provided to CRN.

In the 2020 attack, hackers linked to Russia’s SVR foreign intelligence unit infiltrated SolarWinds’ software supply chain and implanted malicious code within the company’s Orion network monitoring software. The tainted software was then downloaded by thousands of customers, including U.S. government agencies and major corporations, leading to numerous additional data breaches.

In October 2023, the SEC brought charges against SolarWinds and Brown—alleging fraud and internal control failures-but the high-profile case was severely gutted by a July 2024 decision from the U.S. District Court for the Southern District of New York.

In that ruling, Judge Paul Engelmayer dismissed the majority of the SEC’s claims of securities fraud and false filings based on SolarWinds’ statements and filings prior to the disclosures.

As of July, the case appeared headed to a settlement, while Engelmayer signed off on a request by SolarWinds and SEC to pause ongoing litigation over risk disclosures made by the company ahead of the attack.

The SEC disclosed Thursday that it has now dismissed its case against SolarWinds and Brown, in a brief statement posted online.

SolarWinds, meanwhile, said in its statement Thursday that the company had “fought [the SEC lawsuit] with conviction, arguing that the facts demonstrated our team acted appropriately.”

“This outcome is a welcome vindication of that position,” the company said.

SolarWinds added that it hopes the resolution of the suit “eases the concerns many CISOs have voiced about this case and the potential chilling effect it threatened to impose on their work.”