SolarWinds customers and the global IT industry in general are reeling from the announcement that SolarWinds Software was breached, potentially exposing sensitive information on millions of users. According to a statement released by the company on June 21, 2017, the breach dates back to mid-2016. The company is currently working with law enforcement and investigating the cause of the breach. SolarWinds has launched a website where users can check whether their personal data might have been compromised. Additionally, the company is offering identity theft protection and credit monitoring services for those who fall within the scope of the breach. If you are a SolarWinds user, you might be wondering: What personal information is at risk? And what can you do to protect yourself? While the company is working to uncover the full extent of the breach, here’s a primer on what we know so far.

SolarWinds Software Hacked

SolarWinds Software, an Austin-based company that specializes in network management software, was hacked. The breach, which took place between mid-2016 and June 2017, is being investigated by law enforcement.

What Personal Information Is Hacked?

The personal information at risk according to SolarWinds is: *email addresses *first and last name *company name *street address *city, state, zip code *country *telephone number *traditional password But there could be more leaked data that’s not yet known. That’s why it’s important to take steps to protect yourself now. If you are a SolarWinds customer, go to the website and find out if your information might have been compromised. If you are not a SolarWinds customer and are concerned about your personal information, contact your bank or credit card company and ask for fraud protection measures.

The Problem With Software-Based Security

What’s worrying about this breach is that it exposes a potential weakness in software-based security. SolarWinds recently reported its fiscal year 2016 earnings, which showed a 43% decline in net income. A lot of the pressure on the company has been attributed to the shift to subscription-based software sales and reduced license revenues. Regardless of whether or not the cause is due to a lack of product focus or other factors, there are still many people who use SolarWinds products. And if any one of those people fall within the scope of this breach, they could be at risk for having their sensitive personal information leaked.

How to Protect Yourself From a Software-Based Breach

Fortunately, there are steps you can take to protect your data from a software-based breach such as this one. To help you determine if your personal information has been compromised in the SolarWinds breach, the company is offering users of its products and services the ability to check whether their data is at risk by visiting its website. If your information does fall within the scope of the breach, you’ll see a notification on the site. You can then sign up for free identity theft protection and credit monitoring services offered by SolarWinds. But even if your personal data appears safe for now, it’s still important to take precautions against future breaches. Follow these basic rules to keep hackers out of your personal data:

SolarWinds Customers Affected

SolarWinds announced that the breach affected all of its customers, including those using products and services from the company’s MSP division. The company announced that it has not yet determined which personal information has been compromised in the breach. However, SolarWinds is urging its customers to review their accounts for suspicious activity, such as emails requesting for passwords or other private information.

Learn from the Breach: Take These Precautions

This breach is a reminder that no IT company is immune from cyber-attacks. As a SolarWinds customer, you might be wondering what steps you should take to protect yourself. Here are some best practices for what to do after your IT provider has been breached: * Monitor your credit reports and bank account transactions for suspicious activity. * Set up two-factor authentication for your accounts with SolarWinds and other providers. * Change your passwords on all of your accounts (including those outside of SolarWinds). * Turn on mobile security features on your phone (e.g., Face ID, fingerprint). * Check out the website that SolarWinds created to let users know if they were affected by the breach.

Conclusion

The security of our customers’ data is mission-critical to SolarWinds. That’s why we have been working around the clock to understand the extent of the breach and to make sure that every customer’s data has been secured. This breach is a stark reminder that software-based security can never be a substitute for good, old-fashioned physical security. The best defense is a good offense. SolarWinds customers should take these precautionary measures to protect themselves from a software-based breach: 1. Have a plan in place. 2. Encrypt your data. 3. Educate your employees about the security risks associated with phishing, malware and data theft. 4. Educate your customers about the risks of phishing, malware and data theft. 5. Train your employees to recognize suspicious emails and websites. 6. Keep software up to date with patches and updates. 7. Control access to sensitive data, especially if you use cloud storage or email services such as Gmail or Microsoft Outlook 365 where you have less control over access levels. 8. Install anti-malware software and make sure it’s up to date with patches and updates. 9. Install an intrusion