Log in
Show password
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Dynamic quotes 
  1. Homepage
  2. Equities
  3. United States
  4. Nasdaq
  5. Apple Inc.
  6. News
  7. Summary
    AAPL   US0378331005


SummaryMost relevantAll NewsAnalyst Reco.Other languagesPress ReleasesOfficial PublicationsSector newsMarketScreener Strategies

Exclusive: Wide-ranging SolarWinds probe sparks fear in Corporate America

09/10/2021 | 03:50pm EDT
FILE PHOTO: Exterior view of SolarWinds headquarters in Austin

(Reuters) - A U.S. Securities and Exchange Commission investigation into the SolarWinds Russian hacking operation has dozens of corporate executives fearful information unearthed in the expanding probe will expose them to liability, according to six people familiar with the inquiry.

The SEC is asking companies to turn over records into "any other" data breach or ransomware attack since October 2019 if they downloaded a bugged network-management software update from SolarWinds Corp, which delivers products used across corporate America, according to details of the letters shared with Reuters.

People familiar with the inquiry say the requests may reveal numerous unreported cyber incidents unrelated to the Russian espionage campaign, giving the SEC a rare level of insight into previously unknown incidents that the companies likely never intended to disclose.

"I've never seen anything like this," said a consultant who works with dozens of publicly traded companies that recently received the request. "What companies are concerned about is they don't know how the SEC will use this information. And most companies have had unreported breaches since then." The consultant spoke on condition of anonymity to discuss his experience.

The requests are voluntary, and companies are obliged to disclose anything material to investors. But the fact the inquiries comes from the SEC's enforcement staff could raise the prospect of investigations and steep penalties if companies fail to disclose breaches or did not have the appropriate controls in place to deal with past attacks, four attorneys who regularly handle SEC cases said.

An SEC official said the request's intent was to find other breaches relevant to the SolarWinds incident.

The SEC told companies they would not be penalized if they shared data about the SolarWinds hack voluntarily, but did not offer that amnesty for other compromises or breaches.

Cyberattacks have grown in both frequency and impact, prompting deep concern in the White House over the last year. U.S. officials have faulted companies for failing to disclose such events, arguing that it conceals the extent of the problem from shareholders, policymakers and law enforcement looking for the worst offenders.

People familiar with the SEC investigation told Reuters the letters went to hundreds of companies, including many in the technology, finance and energy sectors, thought to be potentially affected by the SolarWinds attacks. That number exceeds the 100 that the Department of Homeland Security said had downloaded the bad SolarWinds software and then had it exploited.

Since last year, only about two dozen firms have been publicly identified as impacted, including Microsoft Corp, Cisco Systems, FireEye Inc and Intel Corp. Of those contacted for this story only Cisco confirmed receiving the SEC letter. A Cisco spokesperson said it has responded to the SEC's request.

Cybersecurity research has also suggested https://www.netresec.com/?page=Blog&month=2021-01&post=Twenty-three-SUNBURST-Targets-Identified software maker Qualys Inc and oil energy company Chevron Corp were among those targeted in the Russian cyber operation. Both declined to comment on the SEC investigation.

About 18,000 clients of SolarWinds downloaded a hacked version of its software, which the cyber criminals manipulated for potential future access. Yet only a small subset of those customers saw follow-on hacking activity, suggesting the attackers infected far more companies than they ultimately victimized.

The SEC sent letters last month to companies believed to have been affected, following an initial https://www.reuters.com/technology/us-sec-official-says-agency-has-begun-probe-cyber-breach-by-solarwinds-2021-06-21 round sent in June, according to six sources who have seen the letters.

The second wave of requests were addressed to recipients at companies from the first round who had not responded. The exact number of recipients is unclear.

The current probe is "unprecedented," said Jina Choi, a partner at Morrison & Foerster LLP and former SEC director who has worked on cybersecurity cases.

"I can't recall a sweep of this breadth that was not publicly announced, so that folks could really understand what the goal was of the SEC's investigation," she said.

Though the SEC issued guidance a decade ago calling for companies to disclose hacks that could be material, then updated that guidance in 2018, many disclosures have been vague or boilerplate, attorneys said.

Former SEC official Jay Dubow said the SEC's approach could be less about the SEC being aggressive and more about trying to understand the impacts of the SolarWinds incident.

"The SEC was faced with a situation where you have SolarWinds and so many of their clients were public companies and other government agencies. What is the most efficient way for the SEC to try to figure out the extent of all this?" Dubow, an attorney at Troutman Pepper, said.

Regulators have at times been hesitant to penalize companies for such issues, given they are victims of these attacks.

Gary Gensler, who took the helm at the SEC in April, has tasked the agency with issuing new disclosure requirements ranging from cybersecurity to climate risk.

While the hack was first reported by Reuters https://www.reuters.com/article/us-usa-cyber-treasury-exclusive-idUSKBN28N0PG more than nine months ago, the actual impact of the wide-scale digital spying operation, which U.S. officials say came from a Russian intelligence service, remains largely unknown.

Government officials have shied away from sharing a comprehensive account of what was stolen or what the Russians were after, but described it as traditional government espionage.

In scores of SEC filings reviewed by Reuters, most companies referring to the SolarWinds hacks cite the events only as an example of the sort of intrusion they might one day experience. Of those that do say they had SolarWinds software installed, most say they do not believe their most sensitive data was taken.

But some companies that say the hackers did get into their systems, such as Sana Biotech, admitted they cannot be sure there was a larger issue.

"Although investigations remain ongoing regarding the extent to which our confidential information was accessed, lost or stolen as a result of this cyberattack on SolarWinds, any such access, loss or theft could have a materially adverse effect on our business," Sana Biotech declared in its annual 10k filing.

John Reed Stark, former head of the SEC's office of internet enforcement, said "companies will struggle to answer these questions - not just because these are broad, sweeping and all-encompassing requests, but also because the SEC is bound to discover some sort of mistake" in what they've previously disclosed.

(Reporting by Christopher Bing, Chris Prentice and Joseph Menn; Editing by Chris Sanders and Edward Tobin)

By Christopher Bing, Chris Prentice and Joseph Menn

© Reuters 2021
Stocks mentioned in the article
ChangeLast1st jan.
APPLE INC. 0.48% 149.46 Delayed Quote.12.11%
INTEL CORPORATION 0.08% 55.22 Delayed Quote.10.82%
MANDIANT, INC. -0.11% 18.12 Delayed Quote.-20.16%
MICROSOFT CORPORATION -0.32% 307.2 Delayed Quote.38.58%
QUALYS, INC. -1.06% 113.73 Delayed Quote.-5.68%
All news about APPLE INC.
10:52aAPPLE : to Beat Q3 Street Estimates 'Across The Board' on Robust iPhone 13 Demand, Wedbush..
09:41aWALL STREET STOCK EXCHANGE : Earnings season, bitcoin and the metaverse
07:42aAPPLE INC : Goldman Sachs reiterates its Neutral rating
04:54aThe latest from London: Mixed signals
04:44aTaiwan Sept export orders beat forecast, warns on China curbs
01:44a'THEY'LL HAVE TO PAY' : Malaysia chip crunch triggers new era in supply deals
01:38aAI CAN SEE THROUGH YOU : CEOs' language under machine microscope
01:04aFoxconn sets sights on making EVs in Europe, India, Latin America
10/19Wall Street ends higher as investors bet on positive earnings season
More news
Analyst Recommendations on APPLE INC.
More recommendations
Financials (USD)
Sales 2021 366 B - -
Net income 2021 93 830 M - -
Net cash 2021 78 438 M - -
P/E ratio 2021 26,7x
Yield 2021 0,58%
Capitalization 2 459 B 2 459 B -
EV / Sales 2021 6,50x
EV / Sales 2022 6,29x
Nbr of Employees 147 000
Free-Float 99,0%
Duration : Period :
Apple Inc. Technical Analysis Chart | AAPL | US0378331005 | MarketScreener
Technical analysis trends APPLE INC.
Short TermMid-TermLong Term
Income Statement Evolution
Mean consensus BUY
Number of Analysts 43
Last Close Price 148,76 $
Average target price 166,53 $
Spread / Average Target 11,9%
EPS Revisions
Managers and Directors
Timothy Donald Cook Chief Executive Officer & Director
Luca Maestri Chief Financial Officer & Senior Vice President
Arthur D. Levinson Independent Chairman
Kevin M. Lynch Vice President-Technology
Jeffrey E. Williams Chief Operating Officer
Sector and Competitors
1st jan.Capi. (M$)
APPLE INC.12.11%2 459 027
DORO AB (PUBL)37.69%179