They violated our password policies and they posted that password on an internal, on their own private Github account. Thompson told a joint US House of Representatives Oversight and Homeland Security Committees hearing that the password was "a mistake that an intern made. That's not the impression SolarWinds' brass gave Congress earlier. Therefore, the credentials using this password had nothing to do with the SUNBURST attack or other breaches of the company's IT systems. A Goldin Solutions representative, a crisis-response PR firm, now claims, however, that SolarWinds has "determined that the credentials using that password were for a third-party vendor application and not for access to the SolarWinds IT systems." Indeed, the spokesperson claims that the application didn't even connect with the SolarWinds IT systems.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |