SolarWinds Orion Cybersecurity Breach Shareholder & Customer Litigation
Case Overview
In December 2020, cybersecurity firm FireEye revealed one of the most significant supply-chain cyberattacks in history: malicious code had been secretly inserted into SolarWinds' Orion IT monitoring software updates, distributed to approximately 18,000 customers including the U.S. Treasury, the Department of Homeland Security, the Pentagon, Microsoft, and numerous Fortune 500 companies. The attack, attributed to Russian foreign intelligence (SVR), gave hackers months of undetected access to sensitive government and corporate networks. SolarWinds shareholders filed a securities fraud class action alleging that the company had materially misrepresented its cybersecurity posture and internal controls to investors in the period leading up to the breach's discovery, causing significant stock price losses.
The shareholder class action was settled for $26 million in 2023 — a relatively modest figure given the scale of the breach — with the court granting final approval. Separately, the U.S. Securities and Exchange Commission filed its own enforcement action against SolarWinds and its Chief Information Security Officer Timothy Brown in October 2023, alleging fraud and internal control failures; that case generated significant industry controversy and was partially dismissed in 2024 before being further litigated. Customer-side litigation by affected government contractors and private entities continues in various forums. The case has had a profound impact on cybersecurity disclosure standards for publicly traded companies.
Who May Qualify
For the shareholder class action (now settled): investors who purchased SolarWinds common stock between October 18, 2018 and December 17, 2020. For ongoing customer-side claims: organizations that used SolarWinds Orion software and suffered network intrusions, data loss, or remediation costs as a result of the 2020 supply-chain attack.
Frequently Asked Questions
Was the SolarWinds shareholder lawsuit settled?
Yes. The shareholder securities fraud class action was settled for $26 million, with final court approval granted in 2023. Eligible shareholders who purchased SolarWinds stock between October 2018 and December 2020 and filed timely claims received distributions from the settlement fund.
Can my company sue SolarWinds for the Orion cyberattack damages?
Potentially. Organizations that used the compromised Orion software and suffered verifiable harm — including incident response costs, data loss, or regulatory penalties — may have claims in negligence or breach of contract. However, SolarWinds has raised defenses including the sophistication of the state-sponsored attackers. Consult a cybersecurity litigation attorney to assess your specific situation.
What happened with the SEC lawsuit against SolarWinds?
The SEC filed a landmark enforcement action against SolarWinds and its CISO in October 2023, alleging they defrauded investors by overstating cybersecurity practices. A federal judge partially dismissed the case in 2024, throwing out claims related to post-breach disclosures but allowing pre-breach misrepresentation claims to proceed. The case remains an important test of executive cyber-disclosure accountability.