In a filing with the U.S. Securities and Exchange Commission, SolarWinds said it has tentatively agreed to pay $26 million to settle a lawsuit over its cybersecurity disclosures ahead of a December 2020 breach that exposed the data of thousands of companies and government offices, Reuters reports. The software company said the SEC alleges it violated U.S. securities law “with respect to its cybersecurity disclosures and public statements, as well as its internal controls and disclosure controls and procedures.” The company maintains its actions were “appropriate.” Editor’s note: Mode Analytics Head of Security and Privacy Rafae Bhatti, CIPP/US, CIPM, looks at takeaways from the SolarWinds breach.
SolarWinds agrees to tentative $26M settlement over data breach
Related stories
Ireland's DPC details legitimate interest prong of its LinkedIn enforcement action
Notes from the IAPP Europe: Wrapping up November with the IAPP DPC
IAPP DPC 2024: Reynders discusses GDPR enforcement harmonization, adequacy developments
US Senate subcommittee ponders accountability for AI-assisted scams
Tracking evolving policy paradigms in a hallmark year for AI governance
