NOTICE DATE: February 11, 2021
NOTICE TYPE: M-A021121-01 General
SHORT DESCRIPTION: Inquiries concerning the SolarWinds Orion Software Security Breach
INTENDED AUDIENCE: All Market Participants
DAYS AFFECTED: Ongoing
LONG DESCRIPTION: Following the SolarWinds Orion software security breach (SolarWinds Breach) that became public knowledge in mid-December 2020, ERCOT has received inquiries from Market Participants regarding potential impacts arising from the SolarWinds Breach. This Market Notice is being issued in response to those inquiries, and in order to notify all ERCOT Market Participants that ERCOT was not adversely impacted by the SolarWinds Breach.
SolarWinds Orion software is widely utilized by businesses and government agencies to monitor server and device availability and performance. ERCOT has utilized SolarWinds software since 2003.
ERCOT learned of the SolarWinds Breach on December 13, 2020. The same day, ERCOT began a detailed analysis of potential impacts from the SolarWinds Breach to ERCOT software and systems. ERCOT’s analysis did not identify any adverse impacts to software or systems managed and owned by ERCOT. ERCOT’s computer networks and systems were neither compromised, nor disrupted, as a result of the SolarWinds Breach.
ERCOT maintains a robust cybersecurity program, and will continue working in collaboration with its state and federal cybersecurity partners to monitor the SolarWinds Breach and other emerging cybersecurity threats.
CONTACT: If you have any questions, please contact your ERCOT Account Manager. You may also call the general ERCOT Client Services phone number at (512) 248-3900 or contact ERCOT Client Services via email at ClientServices@ercot.com.
If you are receiving email from a public ERCOT distribution list that you no longer wish to receive, please follow this link in order to unsubscribe from this list: http://lists.ercot.com.