80 comments

[ 2.6 ms ] story [ 310 ms ] thread
>There is a plausible explanation for all this: the VCs shed their stock-holdings on the same day SolarWinds' long-standing CEO resigned.

>The software house announced in August that Kevin Thompson would leave the company though it didn’t give a date. Thompson reportedly quit on Monday, December 7 – news that was not made public – and a new CEO was formally announced two days later, on December 9, the day after FireEye went public on December 8 with details of the intrusion into its own systems.

Why would a VC wait until the CEO resigns to dump their stock, if they already knew that he was leaving? Wouldn't it make more sense to slowly dump it over several weeks/months so you don't move the market? The "plausible explanation" sounds like a convenient excuse, imo.

Because you'd get charged with insider trading if you do.
What is the minimum amount of time that needs to pass between announcements and selling of stocks before it is not considered insider training anymore? 1s, 1 day?
The moment the information is public.
You have to leave a reasonable amount of time to ensure that the information can be priced into the market.
The market's made of computers reading press releases, so that's well under a second.
That's just the market's "gut reaction" so to speak.
There have been cases where it happens after a certain amount of time after the announcement, technically, but where there wasn't enough time for speed of light delay to get the information to the place where the trade was executed.

https://www.washingtonpost.com/news/wonk/wp/2013/09/24/trade...

Hmm. In that case it didn't happen after the announcement. If the events have space-like separation, then neither 'before' nor 'after' are valid descriptions.

(And "simultaneously" is right out.)

Good luck telling regulators this, I suppose...

(comment deleted)
(comment deleted)
milliseconds, nanoseconds if you can
It's pretty vague. I recall guidance of waiting for two trading days, but that seems pretty conservative. Otoh, who wants to have to argue it with the SEC.
(comment deleted)
> There is a plausible explanation for all this: the VCs shed their stock-holdings on the same day SolarWinds' long-standing CEO resigned

Why is that even proposed as the end of the plausible explanation? Seems equally plausible that the CEO stepped down as a condition of not being blamed for gross incompetence (ie help whitewashing this taint on his record) while staying silent so that everyone (including him) gets a nice payday and can move on to some other area?

There’s lots of possible explanations. Why not urge a full public accounting so that everyone can review if any wrongdoing took place?

> everyone (including him) gets a nice payday and can move on to some other area?

This is what bugs me the most about the corporate landscape.

You can be incompetent & cause huge damage to a business, but if your a c-level, your usually given the option of leaving quietly, with a nice payout and then continuing your career like nothing ever happened.

Just wait 6-12 months and you'll see this CEO pop up at another company, and on their website in his bio it will read something like "Implemented and executed a revolutionary vertical & dynamic cyber and security strategy at SolarWinds saving the business $xxx"

> This is what bugs me the most about the corporate landscape.

It's not just n the Corporate World, either: the failing up method of success is prevalent in government, too. Which often has a revolving door into certain Industries for some reason...

I think this has more to do with widespread corruption within certain set class of people in Society than it does as a single isolated issue of incompetent individuals. The goals shouldn't be to get those standards to apply to a c-level and below employee, it should be to phase away with those incentives completely.

Elon mentioned the over MBA-ization ruining US business culture and innovation, which is no doubt a factor; but to be honest the lack of accountability and that actual punitive punishments for their mistakes seem to often be non-existent are for me way more systemic and a greater drag on overall progress, since the wrong incentives (like this) are already baked in to the process of a 'successful career' by default.

> It's not just n the Corporate World, either: the failing up method of success is prevalent in government, too. Which often has a revolving door into certain Industries for some reason...

It’s important to define what qualifies as success.

Successfully maximising capital extraction and gains for the subset that are relevant to your career may be more important than successfully executing business / government strategy for shareholders / the public.

> Successfully maximising capital extraction and gains for the subset that are relevant to your career

And this is the very crux of the issue, and what is being portayed as a 'successful career' is nothing more insulting embellishment based on than vulture/cronyist practices operating under the false veil of capitalism: short sighted thinking coupled with an perverse culture that enables this leads to this wide spread corruption, be it in banking/corp World or in Government. One doesn't have to look very far to see the parallels to this pandemic and that of 2008 to see nothing really changed, and its made it clear that the US may be the current hegemon but it's standing in the World has significantly diminished in my Lifetime.

Naomi Klein's shock doctrine outlines this very well, and unless this very thing is addressed we're seriously screwed as a Species. We don't need more Elizabeth Homes, Bernie Madoffs, Blyth Masters, Lloyd Blankfiens or Jamie Dimons and we should discourage any more from being created, because upon even the slightest amount of scrutiny you realize they're incredibly stupid and are failures at doing anything but screwing up and putting themselves in a position getting a massive pay out from it--almost always State subsidized.

Instead we ask more and pay less of those very people who keep the system from completely toppling over while wealth get even more and more concentrated. It should be very clear that a country that funnels this much into the investment class while 1/4 of the country is unemployed and ask its medical workers to function without PPE is a reflection of these misdeeds. And that the illusion cannot be maintained anymore.

You don't even have to be a c-level. Line employees are hired all the time in new companies, regardless of the wreckage they wrought at their previous employer(s). No need to wait 6-12 months even. The only thing missing is a big payout on leaving but that is more a function of c-level managers having good leverage and negotiation skills than a result of their competence or lack thereof.
I’m more inclined to give line employees a break though, because toxic management is so common. Sure, there are bad apples. But the prevalence is way overblown and the “one bad hire” who is a “toxic employee” is mostly a myth.

Rather it’s usually management setting things up for failure, not listening to employees, not giving support or required resources. And the line employee will get scapegoated while the bad management a few levels above will fail up and deflect any blame.

> "Implemented and executed a revolutionary vertical & dynamic cyber and security strategy at SolarWinds saving the business $xxx"

That's pretty much on every dev's resume as well, despite their buggy project getting hated by everyone and shut down.

I have never understood how blaming the CEO for a code bug makes sense. I doubt the CEO coded it.

For big policies, sure - blame the CEO. But for things like a security vulnerability? No.

This goes far beyond a simple coding bug. The CEO should be aware of where large risks might lie and dedicate the proper resources to managing them.

In a company that sells these types of products to these types of customers, security is paramount.

Doesn't that knife cut both ways? If the CEO isn't responsible at all for the product then it's hard to claim that they had much to do with the success of the company.
A server with the password "solarwinds123" isn't a coding bug, it's an obvious lack of security audits.
> Seems equally plausible that the CEO stepped down as a condition of not being blamed for gross incompetence

His departure was announced in August.

Why are you presuming that there weren’t warning signs of this being an issue, perhaps detected in July and then decided on the course of action by August with the public details of how bad it was starting to slowly trickle out. I recall reading a precursor news article before the details about SolarWinds coming out and that’s an external source from SolarWinds and the government agencies involved starting to get wind of the damage. It’s entirely possible the FBI was sleeping on the job too, so focused on electoral interference that blinded them to a different avenue of attack if it was indeed the Russians behind it. This indicates our government is wholly incompetent at securing our infrastructure. This is a drum beat warning I’ve heard since the 90s when I was a teenager. Our focus on offense rather than on industry wide defense means our IT culture is wide open to attack. That being said it’s also entirely possible this is broadly true but I have seen no evidence of America making attacks of this nature. Our attacks can be more devastating and technically accomplished, but I’ve seen no evidence of us having the ability and using it of making targeted quick strikes at an enemy’s interior weak spots as a constant source of irritation. We do things like Stuxnet or threatening Russia’s power grid for relatively cheaper attacks. Basically we try to fight a gun war with nukes and we don’t have any guns.
That's just speculation, though. Possible? Sure. Plausible? Sure. Pure speculation? Yep
Because we don't know what happened and 'gross incompetence' is an unfair allegation.

Do you think your company could withstand an attack from a nation state with unlimited powers? Doubtful.

Even if the investors did know about the security breach, it wouldn't be illegal for them to trade on that information so long as it wasn't 'insider' aka they were made aware by the company itself.

We don't know what happened, but the issue is not with trading shenanigans, the issue is the materiality of the security breach and who did it, how and why etc..

It sure seems like every time bad news breaks about a company, there's an accompanying well-timed stock sale from an insider with a convenient excuse.
Funny how the human mind works.

1) Is $286m a lot?

2) How many insiders are there and what is normal behavior for them?

3) Are these well-timed sales abnormal or are we only looking because of the headlines?

A quick read of this story doesn't seem to answer these questions.

Their market cap today is ~5.6B at $18 a share. Jumping back to December 7, they were worth $23, so ~7.3B market cap. So, close to 4% of outstanding shares.
Outstanding is a bad metric. "Float" is a better one.

SWI has 53 million floating shares, resulting in 53m*23= $1.2 billion today.

So a quarter of float traded. That is crazy movement.

Agreed this metric is better, but the article also notes that these two firms own 70% of SolarWinds so any meaningful sale would be large by this measure I think?
Many times its just the stop loss being triggered.
These guys and the Pfizer CEO are champs at timing stock sales at the top.
r/wallstreetbets has entered the chat
Probably not... I didn't see TSLA mentioned once in this article :)
Pfizer's CEO sold on November 9th, on a day the stock closed at $37.14. It peaked last week (the 8th) at $42.56, and closed today at $37.84, so I'm not sure what you're talking about.
His trade was another pretty obvious inside trade (timed the announcement of their successful trials with the scheduled sale)
It was a sale that had been scheduled months previously, and it should by now be obvious that the trial really was successful!
You think it's hard to schedule a well timed press release in a way that works in well with your predetermined share sales?
I don't know about this sale in specific, but isn't it a common trick for execs to schedule sales in advance and then cancel if it turns out not to be the right time to sell?
No, the SEC also considers that illegal insider trading. They actively monitor for this "trick" and aggressively pursue an investigation if there isn't a very good reason for a scheduled trade to be cancelled.
So he didn't know this was the date that the trail results would be announced months previously?
This chain of thought would make sense if the press release were overly optimistic or otherwise misleading... But he didn't even sell at the peak?
Or he could've influenced the announce date to coincide with his sale.
I was thinking "let's buy some of these" then I realized this is not a green energy firm.
The cynical side of me thinks that SolarWinds is only going to get a slap on the wrist for the recent security breach news. They’re too big to fail, especially during this ongoing pandemic.

Sounds like a good time to pick up some SolarWinds stocks.

A few more days of news coverage and they'll be the hot new cyber security stock everyone has heard of...
Yeah, congress gonna pass a law limiting their liability from being sued, all holes fixed… lol
Interestingly enough, since I no longer believe spin from the news. They claimed they were no using Orion on the dominion voting machines. CEO testified to it. What were they using? The screenshot of the login page shows the SolarWind logo. Anyone know which tool that was.

https://www.dailydot.com/debug/solarwinds-hack-dominion-debu...

Dominion the company uses SolarWinds or Orion does not mean the voting system it develops uses SolarWinds or Orion. I am pretty sure Dominion also uses MS Office, but that does not mean the voting system is vulnerable to MS Office hacks.
That all might be well and True. Except there also has been testimony that the voting machine do have the ability to connect to the internet. It was turned of during the vote counting. But I presume the connection to the internet is for the machines to connect to servers to download updates. So its not like a possible vector could not exist during these updates. If the company is compromised.
Given that Equifax is still around this might be a good buy
Equifax isn't just "still around". Their stock price is up nearly 50% from the day before their data breach crash.
Did they ever even pay out the $125 checks?
No one gets rich paying money to the little people.

I don't think many people if any got paid. Perhaps some lawyers.

No one got anywhere near $125; they prorated it by the number of checks requested.

I’m not sure they even paid out the prorated amount.

I thought about this too at first. But there is a difference. The victims of the Equifax hack were not their customers. But you might still be right.
Seems they removed the customer list even on archive.org

https://web.archive.org/web/*/https://www.solarwinds.com/com...

How did they manage to do that? I thought I’d seen it there a few days ago?
Attention value investors: recall Warren Buffett's aphorism that "A great investment opportunity occurs when a marvelous business encounters a one-time huge, but solvable, problem" (quoted from Benjamin Graham and David Dodd, Security Analysis). Considering the current economic environment, with a massive stock-market bubble and historically low interest rates, as well as the obvious demand for network security products and services, Solar Winds could be an excellent investment prospect - that is, once the shares get beaten down and the scandal begins to fade.
SolarWinds filed an 8-K report with the SEC[1] stating that they first learned about this after these sales closed:

> On Saturday, December 12, our CEO was advised by an executive at FireEye of a security vulnerability in our Orion Software Platform which was the result of avery sophisticated cyberattack on SolarWinds.

That timeline also matches FireEye's statements and disclosures.

Since negotiating these sales takes time, it's likely that weeks elapsed between the negotiations and SolarWinds learning of this on Dec. 12.

[1]: https://d18rn0p25nwr6d.cloudfront.net/CIK-0001739942/6dd04fe...