Hacker News new | ask | show | jobs
by suid 1086 days ago
I think the key here is that SolarWinds' C-staff deliberately downplayed the severity of the attack, and were very late in informing customers and regulatory agencies of the severity of the attack.

I.e. they are being prosecuted not because they were "incompetent and got hacked", but that they then "tried to cover it up", which is where the SEC comes in (illegal stock manipulation via false or incomplete release of public information).
2 comments
rkagerer 1086 days ago
deliberately downplayed the severity of the attack

You mean like UPS just did?

https://news.ycombinator.com/item?id=36439033

link
b112 1086 days ago
I.e. they are being prosecuted not because they were "incompetent and got hacked", but that they then "tried to cover it up"

Capone was taken down for tax evasion. Any tool we have, is a good one.

And the more shareholders and board members feel lax security could lead to a bad path (eg hiding the result), the better for all.

I can hardly wait for the first civil lawsuits, for any such incident, by shareholders over negligence and loss of value.

I can hardly wait until everyone had to provide a license validation for all code they use, so we can finally put node crap to rest.

link
philipwhiuk 1086 days ago
> I can hardly wait until everyone had to provide a license validation for all code they use, so we can finally put node crap to rest.

I don't see a reason Node dies faster than say, Java, or Rust or ...

link