The Minnesota Department of Commerce is reminding financial service registrants, particularly state-registered investment advisers, to report any known issues or concerns related to the recent SolarWinds cybersecurity incident to their primary securities regulator.
Last month, the federal government reported that SolarWinds, a vendor that provides updating and monitoring software to numerous government agencies and private companies, was the victim of a breach that caused SolarWinds Orion Network Management Products to transmit malware to many of its clients, including federal, state, and local governments, as well as other private sector entities.
The U.S. Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency has issued this Supply Chain Compromise Alert that describes the threat and provides guidance on how to address it.
The Minnesota Department of Commerce is issuing this reminder to raise awareness among state registrants and to provide information and resources to help those affected to recover quickly and protect their clients and colleagues.
Any firm with known malicious versions of the SolarWinds Orion software should contact its primary regulator. State-registered investment advisers in Minnesota should contact the Department of Commerce at Securities.Commerce@state.mn.us