Ars Technica
About 18,000 organizations around the world downloaded network management tools that contained a backdoor that a nation state used to install malware that stole sensitive data, the tools provider, SolarWinds, said on Monday.
The disclosure from Austin, Texas-based SolarWinds, came a day after the US government revealed a major security breach hitting federal agencies and private companies. The US Departments of Treasury, Commerce, and Homeland Security departments were among the federal agencies on the receiving end of hacks that gave access to email and other sensitive resources. Federal agencies using the software were instructed on Sunday to disconnect systems that run the software and perform a forensic analysis of their networks.