Privacy and Information Security Law Blog – Legal Insights and Updates

July 2, 2025

SolarWinds has come to a preliminary agreement with the US Securities and Exchange Commission concerning the agency’s legal action for securities fraud. The lawsuit was a result of the cybersecurity company’s involvement in a significant breach that compromised various federal agencies and corporations. The settlement still needs to be approved by the SEC commissioners before it is final. The terms of the agreement are not disclosed at this time, but once approved, they will be made public.

The cybersecurity incident involving SolarWinds was a major breach that caught the attention of authorities and cybersecurity experts worldwide. Hackers were able to infiltrate SolarWinds’ software update system, which allowed them to insert malware into the updates. This malicious code was then distributed to SolarWinds’ customers through software updates. Thousands of companies and government agencies that used SolarWinds software were affected by this breach. The severity of the incident prompted investigations by authorities, including the SEC, to determine the extent of the damage and the accountability of SolarWinds.

As a result of the breach, SolarWinds faced legal action from various entities, including the SEC. The agency accused the company of securities fraud, claiming that SolarWinds made false and misleading statements about the security of its systems and the protection of its customers’ data. The lawsuit sought to hold SolarWinds accountable for its alleged misconduct and to ensure that measures are taken to prevent similar incidents in the future. The agreement reached in principle between SolarWinds and the SEC represents a step towards resolving the legal issues surrounding the cybersecurity breach.

The terms of the settlement between SolarWinds and the SEC have not been released to the public, pending final approval from the agency. Once the agreement is finalized, the details will be disclosed, providing transparency on the resolution of the securities fraud lawsuit. This agreement is a significant development in the legal proceedings against SolarWinds and marks a step forward in addressing the consequences of the cybersecurity breach that impacted numerous organizations worldwide.

SolarWinds has cooperated with authorities throughout the investigation into the cybersecurity incident and has taken steps to enhance its security measures and protocols. The company has been working to rebuild trust with its customers and stakeholders by demonstrating its commitment to cybersecurity and data protection. The resolution of the securities fraud lawsuit with the SEC will be a crucial milestone for SolarWinds as it seeks to move forward from the cybersecurity breach and focus on strengthening its cybersecurity practices to prevent future incidents.