These big firms and US agencies all use software from the company breached in a massive hack being blamed on Russia

Thomas Trutschel/Photothek via Getty Images

© Thomas Trutschel/Photothek via Getty Images
Thomas Trutschel/Photothek via Getty Images

  • Many companies and government agencies are clients of SolarWinds, the software company that suffered a massive, months-long hack made public on Sunday.
  • SolarWinds says it has more than 300,000 clients, including US government agencies and the vast majority of Fortune 500 companies.
  • It is unclear how many of them are using the software that was attacked. SolarWinds did not immediately respond to Business Insider’s request for comment.
  • Scroll down for a list of the most significant SolarWinds clients.
  • Visit Business Insider’s homepage for more stories.

Thousands of international companies and numerous US government agencies are clients of the company whose software was breached in a massive hack.

SolarWinds announced a “highly sophisticated” attack on its Orion software on Sunday. Cybersecurity company FireEye said Sunday it was tracking the attack, saying that it began earlier in 2020 and may have left some systems compromised for months.

The Trump administration admitted that hackers had gained access to a number of key government networks including the Treasury and the Commerce Department, The New York Times reported.

According to FireEye – which was itself hacked – the attackers gained access via the update server of a monitoring and management software made by SolarWinds called Orion IT.

The attack was “likely conducted by an outside nation state,” SolarWinds said. People familiar with the matter told Reuters that they believe the hack is Russian in origin.

The Russian Embassy in Washington DC denied responsibility.

It is unclear which companies and agencies are using the specific software that was affected, and if so, whether they have been targeted. SolarWinds did not immediately respond to Business Insider’s queries. 

FireEye said Sunday that the hack was “widespread, affecting public and private organizations around the world.”

Here is a list of the biggest agencies and companies that SolarWinds lists on its site as clients:

US agencies

  • The Office of the President of the United States
  • The Secret Service
  • The Department of Defense
  • The US Army, Marine Corps, Navy, Air Force, and Coast Guard
  • The State Department
  • The Federal Reserve
  • NASA
  • The NSA
  • The CDC
  • The Department of Justice

Major companies

  • Microsoft
  • Credit Suisse
  • Ford
  • Visa
  • Mastercard
  • AT&T
  • Procter & Gamble
  • PwC
  • Best Western
  • Lockheed Martin
  • Boston Consulting Group
  • CBS
  • Time Warner
  • Cisco
  • McDonald’s
  • Comcast
  • Ernst & Young
  • The Gates Foundation
  • Gillette
  • Blue Cross Blue Shield
  • Harvard
  • Sprint
  • Hertz
  • Volvo
  • Kodak
  • Nestlé
  • The New York Times
  • San Francisco Intl. Airport
  • Yahoo!

(Note: The full list of SolarWinds clients is larger)

Continue Reading

Source Article