Former SolarWinds CEO Blames Intern for Setting Password ‘solarwinds123’Lucas Nolan 1 Mar 2021
Texas-based software company SolarWinds was the victim of a major hack recently that affected multiple government agencies and corporate clients. In a hearing before the House Oversight and Homeland Security Committees, the company’s former CEO blamed an intern that changed a company password to “solarwinds123.â€
Gizmodo reports that there has been a new development in the SolarWinds hacking saga, with the company’s former CEO Kevin Thompson blaming the hack partly on a company intern and an insecure server.
In a joint hearing on Friday, Thompson told representatives from the House Oversight and Homeland Security Committees that one SolarWinds server was protected by a very simple password: “solarwinds123.â€
Thompson alleged that this was “related to a mistake an intern made, and they violated our password policies.†Thompson further explained that the intern posted the password on their own private GitHub account. “As soon as it was identified and brought to the attention of my security team, they took that down,†Thompson said.
The password issue dates back to at least 2018 although testimony provided by SolarWinds on Friday appears to indicate that it could go back even further. Security researcher Vinoth Kumar told Reuters that he warned SolarWinds that anyone could access its update server using the “solarwinds123†password in December. According to CNN, the password was accessible online since at least June 2018.
However, at the hearing, SolarWinds’ current CEO, Sudhakar Ramakrishna, told lawmakers that the password was used on one of the intern’s servers in 2017.
more
https://www.breitbart.com/tech/2021/03/01/former-solarwinds-ceo-blames-intern-for-setting-password-solarwinds123/