SolarWinds Top Executives Hit with Shareholder Class Action Lawsuit Over Orion Breach

SolarWinds App

SolarWinds Corporation and two of its top executives have been hit with a class action lawsuit from its shareholders. The lawsuit seeks to recover shareholder losses caused by plummeting share prices due to the Orion platform breach.

Lawsuit Filed Under Federal Securities Laws

SolarWinds Corporation and two of its top executives have been hit with a class action lawsuit from its shareholders. The executives in question are outgoing CEO, Kevin Thompson, and chief financial officer, J. Barton Kalsu. The lawsuit relates to the breach of the SolarWinds’ Orion platform, which has impacted some 250 public and private entities.

The class action lawsuit was filed on 4 January by a shareholder, Timothy Bremer. It was brought on behalf of all shareholders who bought SolarWinds shares between 24 February and 15 December 2020. The lawsuit seeks to recover shareholder losses caused by SolarWinds’ plummeting share prices after the Orion breach announcement.

The complaint claims both executives violated federal securities laws by making false statements to the US Securities and Exchange Commission (SEC) in the year leading up to the Orion breach. The SolarWinds lawsuit requests that the court determine to what extent the company’s public statements violated securities laws. Also, the level of Thompson’s and Kalsu’s involvement and the compensation amount shareholders may be entitled to.

Misleading Shareholders

The lawsuit alleges SolarWinds lied and misled shareholders as to the true state of the company’s security leading up to the Orion breach. This kept the company’s share prices artificially high, which plunged after the breach’s announcement, causing major shareholder losses. Investigations are likely to center around whether SolarWinds willfully misled investors about the security of its products.

The lawsuit accuses SolarWinds, Thompson and Kalsu of failing to disclose that the company’s Orion platform was vulnerable to cyberattack. A requirement under securities laws. According to the complaint, SolarWinds was aware that the platform had a vulnerability since at least mid-2020. However, the company did not fix the vulnerability, nor did they disclose this to the SEC or shareholders. The vulnerability allowed hackers to comprise the server on which the platform ran and led to a global hacking campaign.

The complaint also claims SolarWinds security practices were lax. Apparently, the company had been made aware that its Orion update server was vulnerable because it used a weak password. Security researcher, Vinoth Kumar, discovered that the update server used the password “solarwinds123”. However, SolarWinds allegedly did not react appropriately to this discovery and “days after SolarWinds realized their software had been compromised, the malicious updates were still available for download.” This left many companies using SolarWinds products open to attack.

Consequently, the complaint states “As a result of Defendants’ wrongful acts and omissions, and the precipitous decline in the market value of the Company’s securities, Plaintiff and other Class members have suffered significant losses and damages.”

SolarWind Share Price Slump

Furthermore, the complaint alleges SolarWinds market price was “artificially inflated” due to the company’s “materially false and misleading” statements. It claims that shareholders who bought shares in 2020 would not have done so if they hadn’t been misled.

“Had Plaintiff and the other members of the Class been aware that the market price of SolarWinds securities had been artificially and falsely inflated by Defendants’ misleading statements and by the material adverse information which Defendants did not disclose, they would not have purchased SolarWinds securities at the artificially inflated prices that they did, or at all,” the lawsuit states.

In addition, the complaint states that the misleading statements and inadequate disclosures influenced some shareholders to keep their shares. Even though the company was aware of the vulnerabilities that eventually led to the breach.

The day before the Orion breach was announced, SolarWinds shares were trading at $23.55 per share. On the day of the announcement, the share price fell by 17%. Then, on the news that a weak password was used on the SolarWinds update server, the share price fell a further 8%. Today SolarWinds shares are trading at $14.43 per share, down 38.7% from the price before the Orion platform’s breach announcement.

Interesting Aside

Interestingly, the SolarWinds lawsuit does not mention that some trades conducted by SolarWinds executives are being scrutinized for insider trading. Allegedly, two investment firms, Silver Lake and Thoma Bravo, sold off millions of dollars in SolarWinds shares 6 days before the Orion breach became public.

The two firms together own 70% of SolarWinds and hold 6 seats on SolarWinds’ 11-member board. Consequently, it is likely that the firms had access to key information regarding the Orion breach before it was made public.

On 7 December, Silver Lake sold $158 million worth of SolarWinds shares. On the same day Thoma Bravo sold $128 million worth of its SolarWinds shares. Thompson, who stepped down as SolarWinds CEO on 7 December, sold $15 million in company shares in November.

The timing of these trades raises questions as to whether major shareholders used inside information to avoid large losses after the breach’s announcement. It is not known when SolarWinds’ executives and other insiders first learnt of the breach. However, the trades are likely to spark an investigation by US federal securities watchdogs into whether they amount to insider trading.

Information technology expert
Grace is an information technology expert who joined the VPNoverview team in 2019, writing cybersecurity and internet privacy-based news articles. Due to her IT background in legal firms, these subjects have always been of great interest to her.