SolarWinds officials blame intern for the ‘solarwinds123’ password

The SolarWinds drama just won’t stop. It’s a story of Russian hackers – and possibly Chinese hackers – alleged email espionage, and a gaping hole of security vulnerabilities that seems to get worse as more details come to light. Now we can add another twist to the story: the ridiculously insecure password ‘solarwinds123’. On that last point, SolarWinds would like you to know that it was the intern’s fault.

In a joint hearing on Friday, former SolarWinds CEO Kevin Thompson told representatives of the House Oversight and Homeland Security Committees that the “solarwinds123” password, which protected a server at the company, “was related to a mistake an intern made that violated our password policy.” Thompson explained to lawmakers that the intern posted the password on their own GitHub account.

“Once it was identified and brought to the attention of my security team, they removed it,” Thompson said.

The password security issue dates back to at least 2018, though SolarWinds testimony on Friday indicates it could go back even further. Security researcher Vinoth Kumar told Reuters in December that he had warned SolarWinds that anyone could access the update server using “solarwinds123.” CNN reported that the password has been accessible online since at least June 2018.

However, during the hearing, Sudhakar Ramakrishna, the current CEO of SolarWinds, told lawmakers that the password “solarwinds123” was used on one of the intern’s servers in 2017.

According to CNN, Kumar showed SolarWinds that the password allowed him to log in and put files on the server. This was a way for any hacker to upload malicious programs to SolarWinds, the researcher said.

“I have a stronger password than ‘solarwinds123’ to keep my kids from watching too much YouTube on their iPad,” California Democrat Representative Katie Porter told SolarWinds officials during the hearing.

At this point, however, it’s still uncertain whether the password leak played a role in the SolarWinds hack, which is believed to be the largest foreign intrusion campaign in US history, CNN noted. This month, White House national security adviser Anne Neuberger stated that about 100 different companies and nine federal agencies, including the one overseeing nuclear weapons, had been compromised by foreign hackers.

The government is currently investigating the hack, and it is still unclear what data the hackers could have accessed. The investigation is expected to take several months. Kevin Mandia, CEO of FireEye, the cybersecurity company that discovered the hack, said we may never know the scale of the attack.

“The bottom line: we may never know the full range and extent of damage, and we may never know the full range and extent of how the stolen information benefits an opponent,” said Mandia.

Nevertheless, we know one of the causes of the attack: a poor, nameless intern whom SolarWinds threw under the bus.
