Google has announced it was not impacted by the SolarWinds hack, one of the biggest cybersecurity breaches in US history.
Corporations and government agencies were compromised by a supply chain attack involving SolarWinds’ Orion IT software. Hackers managed to compromise Orion IT, creating a trojanized version that left organizations using it open to attack.
Despite using SolarWinds software, Google has announced it is not one of the companies impacted. Phil Venables, CISO, Google Cloud, confirmed the information in a blog post:
Based on what is known about the attack today, we are confident that no Google systems were affected by the SolarWinds event. We make very limited use of the affected software and services, and our approach to mitigating supply chain security risks meant that any incidental use was limited and contained. These controls were bolstered by sophisticated monitoring of our networks and systems.
This is good news for Google, as well as its cloud customers.