SolarWinds Hides List of Its High-Profile Corporate Clients After Hack

In the wake of revelations about the hacking of SolarWinds software, which is used by federal government agencies and many prominent corporations, the company has hidden the names of the clients previously listed on its website.

On the site's "Customers" page, a 404 Page Not Found message has replaced a list of the tech company's clients. A cached version of the original "Customers" page is still available online. The Verge first reported the change on SolarWinds' website.

A company spokesperson told Newsweek that SolarWinds "removed" the webpage "as a courtesy to our customers."

The cached webpage explains that SolarWinds clients include "more than 425 of the US Fortune 500, all ten of the top ten US telecommunications companies, all five branches of the US Military, the US Pentagon, State Department, NASA, NSA, Postal Service, NOAA, Department of Justice, and the Office of the President of the United States, all five of the top five US accounting firms [and] hundreds of universities and colleges worldwide."

Companies such as AT&T, Ford Motor Company, CBS, MasterCard, Nestle, Blue Cross Blue Shield and hundreds of others are among SolarWinds clients, according to the cached webpage. However, the extent to which these companies' data and systems were compromised is not yet known.

Hacker illustration
SolarWinds removed a list of corporate clients from its website after a hack of its software was reported Sunday. In this photo illustration, a hacker uses a computer on December 27, 2019 in Paris. Chesnot/Getty

"SolarWinds currently believes the actual number of customers that may have had an installation of the Orion products that contained this vulnerability to be fewer than 18,000," the company said Monday in an SEC filing.

News of the hack of the SolarWinds OrionIT product broke on Sunday. Since then a growing list of federal government agencies—including the Department of Homeland Security, the Treasury Department, the Commerce Department and the National Institutes of Health—have been reported to have been compromised by the massive cyberattack. Although official blame has not been established, unidentified sources told Reuters and the Associated Press that Russian hackers are believed to be behind the attack. Russia denies any involvement.

SolarWinds software is believed to have been compromised as early as March, when hackers added malware to a software update sent out to thousands of the company's clients. The malware granted hackers backdoor access to clients' computers for months before the breech was detected.

On Sunday, the Cybersecurity and Infrastructure Security Agency at the DHS issued an emergency directive to federal agencies to identify and shut down use of the software connected to government systems by noon on Monday. Meanwhile, private companies began investigating their systems to determine whether hackers had stolen or reviewed any data.

"They could have just compromised SolarWinds, but they did more," Vincent Liu, chief executive of security consulting firm Bishop Fox, told The Wall Street Journal. "They turned that one compromise into who knows how many other compromises that we're going to be learning about for weeks. We may never know the full impact," he said.

On Tuesday, the White House National Security Council announced on Twitter that a "Cyber Unified Coordination Group (UCG) has been established to ensure continued unity of effort across the United States Government in response to a significant cyber incident." The UCG is intended to establish a central coordination for investigating significant cyberattacks.

"The highly-trained and experienced professionals across the government are working diligently on this matter," said NSC spokesperson John Ullyot.

Speaking to Fox News on Monday, cybersecurity analyst Mark Wright, the chief security adviser at California-based cybersecurity startup Sentinel One, emphasized the magnitude of the cyberattack.

"It's been said on a scale of one to 10 this is probably an 11 for the type of attack, the magnitude and the potential damage it's done," Wright said.

"We have yet to even understand how big the damage assessment will be. But I guarantee you, by the time it's done, it will be far worse than what we think it is right now because we still haven't uncovered all of the people who have been attacked by this campaign," he said.

Although Russia has emerged as the primary suspect, it denied involvement and said it doesn't conduct such attacks against the U.S. Of course, public denials are normal, and many nations are known for engaging in cyber espionage that they routinely deny. Previous Russian cyberattacks have been well-documented by American and allied intelligence agencies.

"I reject these statements, these accusations once again," Dmitry Peskov, a spokesperson for Russian President Vladimir Putin, said Monday, Russia's Tass news agency reported. "It is wrong to groundlessly blame Russians right away. We have nothing to do with this."