New York City District Council of Carpenters Pension Fund v. SolarWinds Corporation

Court: United States District Court for the Western District of Texas
Case Number: 1:21-cv-00138
Class Period: 10/18/2018 - 12/17/2020
Case Contacts: John Rizio-Hamilton, Hannah Ross, Jonathan D. Uslaner, Will Horowitz, Thomas Sperber

On February 9, 2021, after an extensive investigation and a careful evaluation of the merits of this case, Bernstein Litowitz Berger & Grossmann filed a class action lawsuit on behalf of its client, the New York City District Council of Carpenters Pension Fund, and all others similarly situated, for violations of the federal securities laws in the U.S. District Court for the Western District of Texas against SolarWinds Corporation (“SolarWinds” or the “Company”) and certain of the Company’s current and former senior executives (collectively, “Defendants”). The complaint expands the class period that was asserted in a previously-filed related securities class action pending against SolarWinds captioned Bremer v. SolarWinds Corporation, No. 1:21-cv-00002 (W.D. Tex.), and is brought on behalf of investors in SolarWinds common stock between October 18, 2018 and December 17, 2020, inclusive (the “Class Period”). 

On March 11, 2021, the New York City District Council of Carpenters Pension Fund was appointed Lead Plaintiff for the Class, and BLB&G was appointed Lead Counsel. Lead Plaintiff will file a consolidated complaint by June 1, 2021, and Defendants will file a motion to dismiss by July 16, 2021.

SolarWinds’ Alleged Fraud

Based in Austin, Texas, SolarWinds provides network management software used to monitor and manage networks, systems, and applications. The Company’s flagship product is its Orion platform. Orion provides a suite of software products widely used by government agencies and Fortune 500 companies to monitor the health and performance of their information technology networks. The Orion platform accounts for nearly half of the Company’s annual revenue.

The complaint alleges that, throughout the Class Period, Defendants falsely touted the Company’s robust security controls and commitment to prioritizing customers’ security and privacy concerns. The Company also represented that it faced purported risks with regard to its cybersecurity measures. In reality, however, the Company failed to employ adequate cybersecurity safeguards and did not maintain effective monitoring systems to detect and neutralize security breaches. As a result of vulnerabilities in the Company’s cybersecurity protections, SolarWinds and its customers were particularly susceptible to cyber-attacks. As a result of Defendants’ misrepresentations, shares of SolarWinds common stock traded at artificially inflated prices during the Class Period.

The truth began to emerge on December 13, 2020, when Reuters reported that hackers believed to be working for the Russian government had been spying on internal email communications at the U.S. Treasury and Commerce departments. The report further revealed that the hackers were believed to have gained access to the agencies’ networks through software updates for its Orion product released by SolarWinds. 

The next day, SolarWinds disclosed that hackers had breached its network and inserted malware into Orion, which was present in software updates released to SolarWinds customers between March and June 2020. The Company further revealed that the networks of as many as 18,000 customers may have been compromised by the Orion updates that contained the malicious code.

On December 15, 2020, Reuters reported that, in 2019, a security researcher had warned SolarWinds that anyone could access the Company’s update server by simply using the password “solarwinds123.” Thus, according to the researcher, the SolarWinds breach “could have been done by any attacker, easily.” Additionally, according to another cybersecurity expert, the malicious Orion updates were still available for download days after the Company realized that its software had been compromised.

Then, on December 17, 2020, Bloomberg News reported that at least three state governments had been hacked as part of the SolarWinds breach. Moreover, it was reported that the hackers used the SolarWinds intrusion to infiltrate government networks that implicated national security concerns, including the U.S. Department of Energy and its National Nuclear Security Administration, which maintains the country’s arsenal of nuclear weapons.  As a result of these disclosures, the price of SolarWinds common stock declined precipitously.

Other Cases of Interest

  • Novo Nordisk
    District of New Jersey Salvatore J. Graziano, Hannah Ross, Katherine M. Sinderson, Adam Hollander, James M. Fee, Emily Strickland, Sandy Yaklin
  • Merit Medical Systems, Inc.
    Central District of California Jonathan D. Uslaner, Michael D. Blatchley, Lauren M. Cruz
  • Luckin Coffee
    Southern District of New York Salvatore J. Graziano, John Rizio-Hamilton, Scott R. Foglietta, Jai K. Chandrasekhar, Kate Aufses, Nicholas Gersh
  • Impinj, Inc.
    Western District of Washington Jonathan D. Uslaner, Michael D. Blatchley, Lauren M. Cruz
  • Grand Canyon Education, Inc.
    District of Delaware Katherine M. Sinderson, Gregory V. Varallo, Robert Kravetz, Michael Mathai, Will Horowitz
  • FibroGen Inc.
    Northern District of California John Rizio-Hamilton, Jonathan D. Uslaner, Avi Josefson, Scott R. Foglietta, Brittney Balser
  • Centene Corp.
    Eastern District of Missouri Jonathan D. Uslaner, Lauren M. Cruz
  • HP Inc.
    Northern District of California Jeremy P. Robinson, Jonathan D. Uslaner, Hannah Ross, Avi Josefson, Michael D. Blatchley, Will Horowitz, Alexander T. Payne
  • Rayonier Inc.
    Middle District of Florida Avi Josefson, Jonathan D. Uslaner
  • OPKO Health, Inc.
    Southern District of Florida John Rizio-Hamilton, Jai K. Chandrasekhar, Adam Hollander, R. Ryan Dykhouse