Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on the day's biggest business stories

Subscribe to Axios Closer for insights into the day’s business news and trends and why they matter

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Stay on top of the latest market trends

Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Illustration: Eniola Odetunde/Axios

SolarWinds is at the heart of what might be the most significant cybersecurity breach in U.S. history, as hackers used an exploit in its system to possibly access everything from the National Nuclear Security Administration to most of the U.S. Fortune 500.

What's new: The IT vendor is (belatedly) pushing back against suggestions that its two largest investors engaged in insider trading ahead of the hack revelations.

The history: Texas-based SolarWinds was taken private in 2016 for $4.5 billion by private equity firms Silver Lake and Thoma Bravo. It then completed an IPO in October 2018.

  • In August 2020 SolarWinds announced plans to hire a new CEO.
  • On Dec. 7, Silver Lake and Thoma Bravo sold around $315 million in SolarWinds stock to Canada Pension Plan Investment Board (CPPIB). The two firms retained equity positions and seats on the SolarWinds board of directors.
  • On Dec. 8, U.S. cybersecurity company FireEye disclosed that it had been hacked, likely by a government.
  • On Dec. 9, SolarWinds named its new CEO.
  • On Dec. 14 came reports that both the U.S. Treasury and Commerce Departments had been hacked, with FireEye publicly identifying SolarWinds for the first time.
  • SolarWinds on Dec. 14 acknowledged it "has been made aware" of the hack, but declined to say when. One day later, the Washington Post published a story questioning the stock sales.

All of which leads us to yesterday, when SolarWinds put more details on its calendar.

  • Per an 8-K filing, SolarWinds says its CEO was first informed of the situation, by FireEye, on Dec. 12.
  • SolarWinds doesn't say when the board, including Silver Lake and Thoma Bravo reps, were informed, but the implication is that it couldn't have been before the 12th. If so, the trades were clean and CPPIB simply has a case of awful luck, as SolarWinds stock is down 26% on the week.

In a statement, the private equity firms said: “Thoma Bravo and Silver Lake were not aware of this potential cyberattack at SolarWinds prior to entering into a private placement to a single institutional investor on 12/7.”

  • A CPPIB spokesman declined to comment on if the system was aware of SolarWinds' CEO hire when closing its purchase.

The bottom line: Expect U.S. securities regulators to trust but verify.

Go deeper: Cyberhack looks like an act of war

Update: CPPIB provided Axios with the following statement on Friday afternoon:

"Terrific partners with a long track record of collaboration. Really good company and we expect they will continue to create exceptional value along our investment horizon.
To the best of our knowledge no one was aware of the hack leading to our capital commitment. Nonetheless we are always focused on the very best interests of the Fund and we will continue to assess the circumstances for optimal certainty."

Go deeper

National Security Council names Russia as "likely" origin of U.S. agency breach

Illustration: Sarah Grillo/Axios

A U.S. task force responsible for investigating the massive cyberattack that breached the departments of Defense, State and Homeland Security — among others — identified the hack as "likely Russian in origin," per a joint statement on Tuesday.

Why it matters: This is the first time the federal government has formally named Russia as the likely origin of the attack.

2 hours ago - World

UN Security Council meeting on Israel-Gaza as fighting enters 7th day

Smoke billows from a fire following Israeli airstrikes on multiple targets in Gaza on May 16. Photo: Mohammed Abed/AFP via Getty Images

The United Nations Security Council was preparing to meet Sunday, as the aerial bombardment between Israel and Hamas between entered a seventh day.

The latest: Four Palestinians died in airstrikes early Sunday, as Israeli forces bombed the home of Gaza's Hamas chief, Yehya al-Sinwar, per Reuters.

7 hours ago - World

In photos: Protests in U.S., across the world over Israeli–Palestinian conflict

A protest march in support of Palestinians near the Washington monument in Washington, D.C. on May 15. Photo: Andrew Caballero-Reynolds/AFP via Getty Images

Thousands of people rallied across the U.S. and the world Saturday following days of violence in Gaza and Israel that's killed at least 145 Palestinians, including 41 children, and eight Israelis, per AP.

The big picture: Most demonstrations were in support of Palestinians. There were tense scenes between pro-Israeli government protesters and pro-Palestinian demonstrators in Winnipeg, Canada, and Leipzig, Germany, but no arrests were made, CBS News and DW.com report.