In December 2020, cybersecurity researchers at FireEye discovered and reported a supply chain attack on SolarWinds software. The attack was conducted via a malicious software update to install a backdoor dubbed “SunBurst”, allowing attackers remote access to exfiltrate data and install additional malware. Phoenix does not use any SolarWinds products, and we have not heard of any proliferation of affected products beyond those of SolarWinds. We will continue to monitor the situation closely to act upon new information as it becomes available.
