You may have heard about the SolarWinds breach in late December of 2020.
On December 13, 2020, it was reported that a highly sophisticated hacking group was successful in breaching a prominent SolarWinds service used across several major sectors including Government, Energy and Finance. The hacking group was able to successfully insert a backdoor into a DLL file used by the SolarWinds Orion platform, which organizations use for IT monitoring and management. Once inside the targeted enterprise, the attackers were able to move around the environment and exfiltrate data.
Details pertaining to this security event can be found on SolarWinds website. Further, Cybersecurity & Infrastructure Security Agency issued an emergency directive to all federal agencies to immediately disconnect affected Orion products from their networks, clearly identifying the severity of this event.
At IDI, we have confirmed that we were NOT affected by this breach.
Here is more information from our hosting center, Otava: https://www.otava.com/blog/otava-update-on-the-recent-hack-of-government-agencies/