Major software company SolarWinds got hacked because an intern used “solarwinds123” as a password

The government is still investigating the SolarWinds hack that was also termed the digital version of the famous Pearl Harbor. The precise vulnerability that led the hackers to access the company’s servers is still unknown, but it has emerged that an intern’s highly unsecured password could be one reason.

A former SolarWinds CEO, Kevin Thompson, told representatives from the U.S. House Oversight and Homeland Security Committees that the “solarwinds123” password, which protected a server at the company, was “related to a mistake an intern made, and they violated our password policies.”

Thompson also told the lawmakers that the intern had posted the password on their own private GitHub account in a blatant disregard of the company’s password policy.

The SolarWinds hack has been termed the largest foreign intrusion in the United States’ history, with suspicions raised on China. Some 100 different companies and nine federal agencies were compromised as a result of the cyber-attack.  The United States continues to deal with the aftershocks of the SolarWinds saga, with newer details, twists and turns emerging as the senate hearing relating to the attack continues and executives of the company testify.

Read More: ISPR identified a major cyber-attack by the neighboring country’s intelligence agency

Source: Gizmodo