In the course of this investigation, no indication of malicious activity was found. After learning of this from the Cybersecurity and Infrastructure Security Agency (CISA) alert, we immediately isolated our Orion environment and began using the information provided by CISA, FireEye, and our security partners to search our environment for known signs of malicious activity. On Decemwe were made aware that Cengage, like an estimated 18,000 other entities, was running a compromised version of SolarWind’s Orion. We carried out system checks in line with recommendations from SolarWinds and CISA and found no evidence that the affected system or any of our networks were breached, and we continue to monitor and act on the evolving guidance available.
As soon as we learned of the issue, we shut down the affected server as per US Government guidance, and this server has not been and will not be re-attached to our network. The Economist Group (parent company of the Economist Intelligence Unit) was operating an affected version of the SolarWinds tool. Affected vendors and responses: Economist Intelligence Unit Vendors not listed on this page have responded to say they were not affected by the breach. Responses from vendors that have been affected are recorded below. Details on the breaches can be found here: Īll current BC ELN and eHLbc vendors have been contacted, as well as some others whose products our partner libraries might subscribe to (thanks to CRKN).
In collaboration with Consortia Canada, BC ELN have contacted all vendors of BC ELN, eHLbc, and ConCan licenses to learn whether they and their products are impacted by the December and January security breaches at SolarWinds.