US SEC drops suit against SolarWinds over lax cyber standards

By Neil Roland ( November 21, 2025, 00:09 GMT | Insight) -- The US Securities and Exchange Commission said it was dropping a lawsuit accusing SolarWinds Corp. and its chief information security officer of failing to warn investors about lax cybersecurity standards before the software developer suffered a huge data breach in 2020. The 2023 case, which marked the first time the regulator took a public company to court over its handling of a cyberattack, alleged that the Austin, Texas-based company hid vulnerabilities in connection with the high-profile Sunburst cyber attack.The US Securities and Exchange Commission said it was dropping a lawsuit accusing SolarWinds Corp. and its chief information security officer of failing to warn investors about lax cybersecurity standards before the software developer suffered a huge data breach in 2020....

Prepare for tomorrow’s regulatory change, today

MLex identifies risk to business wherever it emerges, with specialist reporters across the globe providing exclusive news and deep-dive analysis on the proposals, probes, enforcement actions and rulings that matter to your organization and clients, now and in the longer term.

Know what others in the room don’t, with features including:

Daily newsletters for Antitrust, M&A, Trade, Data Privacy & Security, Technology, AI and more
Custom alerts on specific filters including geographies, industries, topics and companies to suit your practice needs
Predictive analysis from expert journalists across North America, the UK and Europe, Latin America and Asia-Pacific
Curated case files bringing together news, analysis and source documents in a single timeline

Experience MLex today with a 14-day free trial.

Start Free Trial

Already a subscriber? Click here to login

US SEC drops suit against SolarWinds over lax cyber standards

Prepare for tomorrow’s regulatory change, today

Related Sections