Someone asked me to provide a simple description of what this SolarWinds hack is all about. So for anyone who is confused by the technical details, here's a thread with a simplified explanation of what happened and what it means.

The maker of software that is used in the highest echelons of gov, including the White House and NSA, was compromised by attackers who slipped malicious code into the software maker's trusted code without the software maker knowing it. The code got distributed to its customers

That malicious code, once it infected customer systems, opened a backdoor into those systems and contacted the hackers to let them know the door was open for them to surreptitiously enter those systems and begin stealing sensitive data on those networks.

The hackers did this back in March and their activity was only recently discovered - this means they have been inside gov systems all these months stealing data and spying on gov workers without anyone knowing until now. They also infected telecoms and other company networks.

Here is a list of some of the customers who use the software made by the software maker (their name is SolarWinds). All of these were potentially compromised.

What does this mean for average person and their data? This is a national security hack conducted by a nation-state (Russia) and focused on high-value targets/data. While it's possible yr personal data could have been compromised, it's more likely not what the hackers were after.

But there's a lot that's still unknown about the operation -- who all was compromised and what data or secrets were stolen.