The US government was rattled this week by a cyberattack that compromised a third-party software vendor’s systems and led to data breaches at several federal agencies, including the Department of Commerce, the Department of Energy and the Department of Homeland Security’s cyber arm.
But the attack on SolarWinds, a firm that was far from a household name before, has also put many of the biggest companies in the country on alert.
SolarWinds said in an investor filing this week that as many as 18,000 of its customers — out of a total of 300,000 — may have been running software containing the vulnerability that allowed the hackers to penetrate the Commerce Department. US officials suspect Russian-linked hackers are behind the breach.
SolarWinds provides services to more than 425 companies in the US Fortune 500, it boasted on a page on its website that has since been taken down but remains accessible on the Wayback Machine internet archive.
The firms listed on the page included big names such as Cisco, AT&T, Microsoft, Comcast and McDonald’s, as well as financial giants Visa and Mastercard. A number of these firms told CNN Business that they are currently conducting investigations. At least two say they have been affected to some degree.
A Cisco spokesperson told CNN Business on Friday that it had “identified and mitigated affected software in a small number of lab environments and a limited number of employee endpoints.”
Video: US agencies investigating hack of government networks (CNN)
“At this time, there is no known impact to Cisco offers or products,” the spokesperson said. “We continue to investigate all aspects of this evolving situation with the highest priority.”
Microsoft also acknowledged that it was impacted by the hack.
“Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious SolarWinds binaries…