In a new wrinkle in the still-unfolding SolarWinds saga, it appears that some of the company’s top investors have sold nearly a combined $ 280 million worth of stock just days before news of its role in a far-reaching federal cyber attack became public.
That is according to a new Washington Post report which specifically mentions two investment firms:Silver more and Thoma Bravo– who together own a whopping 70% of all shares in SolarWind and hold six of the company’s board seats. The two firms sold $ 158 million and $ 128 million in stock respectively on December 7 – six days before SolarWinds announced that some of its monitoring products have been subjected to a “highly sophisticated” attack at the hands of an unnamed nation-state.
Interestingly, these sales also took place just days before the company’s longtime CEO, Kevin Thompson, announced his resignation after nearly 10 years with the company.
The sequence of events could raise eyebrows among enforcement officials, given SolarWinds’ booth fell confused of about 22% in the immediate aftermath of the breach. Jacob S. Frenkel, as former SEC senior adviser told The Post, major transactions ahead of a major announcement – such as a change in leadership or the disclosure of a major infringement – are “a formula for an insider trading investigation”. . Such a probe could take up to a year, he added.
To briefly look back on how SolarWinds ended up in the cyber spotlight: on December 8, the cyber security company FireEye announced that had been the victim of a cyber attack that, as CEO Kevin Mandia said in a blog post Ultimately, this eventually resulted in some of the company’s high-profile hacking tools being hijacked. Mandia did not publicly speculate on who was behind the attack, but White House officials have pointed to Russian intelligence as a possible culprit, according to separate reports from The mail and The times.
G / O Media can receive a commission
Ultimately, the attack could be traced back to a back door built into Orion – an IT management platform produced by SolarWinds that some companies come from. told The Wall Street Journal formed the basis of “plumbing” for an untold number of companies. In a Submit to the SEC, SolarWinds stated that it made about $ 343 million in the first nine months of this year from its numerous Orion products. In total, that accounted for almost 45% of the company’s turnover in that period.
In the aftermath of the attack, SolarWinds announced those of Orion’s 33,000 users, “less than 18,000”, downloaded an update in March and June of this year that the company said was secretly packaged with malware. Aside from FireEye, Reuters later reported that SolarWinds’ back door was used to breach systems belonging to the Department of Homeland Security, Treasury and Commerce, others.
On the same day that SolarWinds published its disclosure, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) issued a emergency directive claim that this compromise posed “unacceptable risks” to the overall safety and security of federal networks.
In a joint statement to The Post, representatives for both Silver Lake and Thomas Bravo said the stock sales were the result of a “private placement” with a single investor, and that neither was aware of the impending cyber attack before they were entered into that deal. We’ve reached out to SolarWinds for comment and will update here when we hear back.