Oddbean

@721737dc @077754c3 @edbfcbfa Top executives of the SolarWinds firm believe that the root cause of the supply chain attack was an intern who used a weak password for several years. The initial investigation suggested that the password “solarwinds123” was publicly accessible via a misconfigured GitHub repository since June 17, 2018. The issue was addressed on November 22, 2019.In December, Security researcher Vinoth Kumar revealed he notified the company of a publicly accessible GitHub repository that was leaking the FTP credentials of the company’s download website in the clear text. Threat actors could have used these credentials to upload tainted updates to the SolarWinds download site.In a hearing before the House Committees on Oversight and Reform and Homeland Security, CEO Sudhakar Ramakrishna confirmed that the password had been in use as early as 2017.