SolarWinds blamed an intern for a critical password lapse that went unnoticed for several years. CEO Sudhakar Ramakrishna testified that the password “solarwinds123” was in use as early as 2017. At least nine government agencies and 100 private sector companies have been breached in what’s being described as one of the most sophisticated and well-planned operations that involved injecting the malicious implant into the Orion Software Platform with the goal of compromising its customers. Up to 18,000 customers are believed to have received the trojanized Orion update.
Source: https://thehackernews.com/2021/03/solarwinds-blame-intern-for-weak.html