You will almost certainly come across info of a Solarwinds breach at some point today or this week. The breach at the US Treasury, USG, Fire Eye, and others came from Solarwinds. Fortunately for us, this was a Solarwinds Core product involved, Orion, and not the same Solarwinds product that we use to support your networks. This is an extremely limited, targeted, and manually executed attack that was customized per entity hit. It is presumed that this was a nation-state actor, currently believed to be Russia. Huntress Labs has examined the code for the software probe that monitors your network and has determined that it is not affected.
For our co-managed BlueCentral IT clients with limited access to the Solarwinds N-Central RMM (remote monitoring and management system) for your networks, we have reset 2FA/MFA logins to be cautious. If you require access to N-Central, please let our Help Desk team know.
While Midnight Blue’s toolset is not implicated in the breach, we have taken defensive steps to help protect our clients.
Breaches such as this one are one of many reasons why we’re always on for our clients. It’s our bottom line to keep your networks secure before threats even happen.
Please do not hesitate to reach out with any questions or concerns.