SolarWinds shareholders have appealed to the Delaware Supreme Court after a lower Chancery Court dismissed their lawsuit against the software company’s directors last year, arguing that the board “did absolutely nothing” for years to address cybersecurity flaws that were exposed in a massive 2020 hack of their flagship Orion IT management software.
In an opening brief filed Wednesday and obtained by SC Media, the shareholders told the state high court that Delaware Vice Chancellor Sam Glasscock III’s September ruling ending their case was wrongly decided.
The shareholders sued current and former SolarWinds directors in 2021 for their “utter failure” to monitor the systems and deal with cybersecurity deficiencies, which led to a 2020 hack that is widely viewed as one of the most severe cybersecurity incidents in U.S. history.
However, Delaware Vice Chancellor Sam Glasscock III said last year that the company was the “victim of a major crime,” and its leadership shouldn’t carry the burden of responsibility under corporate law for “operational loss” and “simple negligence.”
“Historically, only utter failures by directors to impose a system for reporting risk, or failure to act in the face of ‘red flags’ disclosed to them so vibrant that lack of action implicates bad faith, in connection with the corporation’s violation of positive law, have led to viable claims under Caremark,” the vice chancellor noted in a Sep. 6, 2022 opinion obtained by SC Media.
In Sunburst’s case, there is no solid evidence indicating that the directors were operating in