Current and former top executives at SolarWinds are blaming a company intern for a critical lapse in password security that apparently went undiagnosed for years. The password in question, “solarwinds123,” was discovered in 2019 on the public internet by an independent security researcher who warned the company that the leak had exposed a SolarWinds file server. Several US lawmakers ripped into SolarWinds for the password issue Friday, in a joint hearing by the House Oversight and Homeland Security committees. “I’ve got a stronger password than ‘solarwinds123’ to stop my kids from watching too much YouTube on their iPad,” said Rep. Katie Porter. “You and your company were supposed to be preventing the Russians from reading Defense Department emails!

Article Link – https://www.cnn.com/2021/02/26/politics/solarwinds123-password-intern/index.html

Discussion Questions:

1. Identify three key takeaways from the article. What did you find most interesting?
2. How do you think SolarWinds could have handled the situation differently?
3. What are some of the lessons to be learned as a result of the SolarWinds breach?

Source: Brian Fund and Geneva Sands, “www.cnn.com.”, February 26, 2021.