The hack at SolarWinds was announced just days after CPPIB’s investment.

Around December 9, the Canada Pension Plan Investment Board (CPPIB), Canada’s largest pension fund, bought approximately 5% of  Texas-based software company SolarWinds (NYSE: SWI) for $315 million from private equity firm shareholders Silver Lake and Thoma Bravo. The price was $21.97 per share of SolarWinds. A week later, news broke of the very sophisticated cyberattack on SolarWinds. The price of the stock fell to a low of $13.98, knocking off 36% of CPPIB’s investment. (CIO)

Question: Did someone know?

PE firms Silver Lake and Thoma Bravo claim they were ignorant of the hack attack when they sold the SolarWinds stock to CPPIB, according to a Washington Post report quoted by CIO.

“To the best of our knowledge, no one was aware of the hack leading to our capital commitment,” Michel Leduc, CPPIB’s senior managing director, said in a statement to the Washington Post.

Significantly, Leduc added that CPPIB is “always focused on the very best interests of the fund and we will continue to assess the circumstances for optimal certainty.”

Investigation in the offing

According to legal experts cited by the Post, the SEC may investigate whether any information was inappropriately withheld at the time of the deal.

SolarWinds could also be answerable for not heeding in 2017 a warning regarding cybersecurity risks from security adviser Ian Thornton-Trump.

According to a Bloomberg report, Thornton-Trump believed that a major cybersecurity risk was imminent and urged SolarWinds executives to hire a cybersecurity senior director.

Russia the likely culprit

Meanwhile, US intelligence and law enforcement agencies investigating the SolarWinds attack issued a joint statement Tuesday. They said the group responsible “likely originated in Russia” and the attack is believed to be an act of espionage rather than cyber warfare.

The agencies said that the actor, “likely Russian in origin, was responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks.”

Related Story:  Hackers, Suspected Of Russian Origin, Breach The U.S. Treasury