SolarWinds
Several U.S. government agencies and large organizations were hit by cyberattacks due to a vulnerability in IT infrastructure provider – SolarWinds.
Many government agencies and Fortune 500 companies use SolarWinds, which contributed to the severity of the attack.
Organizations were forced to continue working with it despite knowing that a breach had occurred.
The attack resulted from a weak password that an intern had used – “solarwinds123”.
The attack affected thousands of SolarWinds’ clients, causing billions in damages.
Source: https://securityaffairs.co/wordpress/139160/data-breach/worst-data-breaches.html
"id": "SOL22751222",
"linkid": "solarwinds",
"type": "Vulnerability",
"date": "02/2021",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"