The suspected Russian hackers behind breaches at U.S. government agencies also gained access to major U.S. technology and accounting companies, at least one hospital and a university, a Wall Street Journal analysis of internet records found.
The Journal identified infected computers at two dozen organizations that installed tainted network monitoring software called SolarWinds Orion that allowed the hackers in via a covertly inserted backdoor. It gave them potential access to much sensitive corporate and personal data.
Among them: technology giant Cisco Systems Inc. CSCO, -1.23%, chip makers Intel Corp. INTC, -2.32% and Nvidia Corp. NVDA, +0.45%, accounting firm Deloitte LLP, cloud-computing software maker VMware Inc. VMW, +1.49% and Belkin International Inc., which sells home and office Wi-Fi routers and networking gear under the LinkSys and Belkin brands. The attackers also had access to the California Department of State Hospitals and Kent State University.
The victims offer a small window into the sweeping scope of the hack, which could have ensnared as many as 18,000 of Austin-based SolarWinds Corp.’s SWI, +13.68% customers, the company said, after hackers laced a routine software update with malicious code.
SolarWinds said that it traced activity from the hackers back to at least October 2019 and that it is now working with security companies, law enforcement and intelligence agencies to investigate the attack.
Also popular on WSJ.com: