Why ‘blaming the intern’ won’t save startups from cybersecurity liability – TechCrunch

SolarWinds is back The company accused the company of poor security practices in hot water following a shareholder lawsuit, in which they said the hackers had hacked at least nine government agencies and Hundreds of companies.

The lawsuit states that SolarWinds used an easily predictable password “Solarwinds123” on an update server, which was later disbanded by supporters “Russian is likely in origin.” Former SolarWinds CEO Sudhakar Ramakrishna, speaking at a Congress hearing in March, ignored a bad password.

There are countless cases of companies suffering from breaches by vendors and contractors in the supply chain.

Experts are still trying to understand how the hackers broke into SolarWind Server. But weak passwords reveal broader issues about the company’s security practices – including how easily predictable passwords were allowed to be set to begin with.

Even if the intern is convicted, SolarWinds faces what is known as a bizarre liability – and can lead to heavy fines.