Regarding Supply Chain Attacks Involving SolarWinds Orion
On December 13, 2020, FireEye disclosed information about a supply chain attack involving the SolarWinds Orion software. A component of the Orion software was found to have contained a backdoor malware called SUNBURST, that was communicating with 3rd party servers. This was used to infiltrate numerous public and private organizations world-wide.
Working with our cloud infrastructure team, we identified that we do make use of the Orion software internally. After investigating, we have determined that we do not use the vulnerable version and are not impacted by this attack. We have multiple safeguards in place to ensure that only authorized personnel can access this environment.
Update - Mon, 14 Dec 2020 17:51:33 UTC
This incident has been resolved. Please contact Zscaler Support if you have additional questions.