The U.S. Securities and Exchange Commission has unexpectedly dropped its case against SolarWinds and its CISO Timothy G. Brown, ending one of the most high-profile cybersecurity legal battles tied to a Russian supply-chain hack.
The Securities and Exchange Commission (SEC) announced that it filed a joint stipulation with SolarWinds and its Chief Information Security Officer Timothy G. Brown to dismiss its civil enforcement action. The regulator did not provide an explanation for its decision, stating only that it acted “in the exercise of its discretion.”
SolarWinds described the outcome as a “welcome vindication,” emphasizing that its teams acted appropriately during an unprecedented cyber incident. A company spokesperson said the resolution allows SolarWinds to “focus on delivering secure and innovative solutions without unnecessary distractions.”
An SEC spokesperson declined to offer additional comments.
The SolarWinds breach was uncovered in December 2020 by cybersecurity firm FireEye, which discovered that its own red-team tools had been stolen. Attackers tied to Russia had infiltrated the Orion Network Management platform developed by SolarWinds, injecting a backdoor known as SunBurst into legitimate software updates.
This compromise enabled the hackers to access networks of government agencies, municipalities, and major corporations around the globe. Victims included the U.S. Treasury, the Department of Homeland Security, the Department of Justice, and Microsoft—where attackers viewed parts of the source code for Azure, Exchange, and Intune.
In 2023, the SEC accused SolarWinds and its CISO of withholding information about the breach, sparking concern among cybersecurity leaders that executives could face excessive personal liability. Experts warned the case might discourage future CISOs and negatively affect industry talent.
The dismissal of the case removes a long-standing pressure point for the cybersecurity sector and may influence future regulatory approaches to incident disclosure. While the legal chapter has closed, the SolarWinds attack remains one of the most influential supply-chain breaches in modern history.
