On Tuesday, 8 December 2020, FireEye reported unauthorized access of their Red Team tools due to a security vulnerability. FireEye also announced that this attack had compromised SolarWinds Orion software updates resulting in a SolarWinds supply chain vulnerability. Acquia receives security alerts from a variety of sources and has been monitoring internet social media traffic after the 8 December 2020 FireEye breach announcement.
Acquia does not utilize FireEye services or related SolarWinds services, but will continue to monitor for any possible impact to Acquia Services.
Upon the release of FireEye’s published report on the SolarWinds supply chain vulnerability, Acquia evaluated its services environment for impact. Acquia services are currently unaffected by the SolarWinds supply chain vulnerability.
As always, Acquia will continue monitoring for emerging threats and vulnerabilities including monitoring of client hosting environments.