SolarWinds "Orion" supply-chain breach

In response to the SolarWinds "Orion" supply-chain breach, we want to provide an update to our customers.

As of December 23, 2020, there have been no reports or indications that any Imprivata solutions have been compromised or otherwise impacted by this breach.

Internally, we do not use any SolarWinds or FireEye products or services in our IT infrastructure, so our own ecosystem of applications, servers, and endpoints has also not been compromised or otherwise impacted by this breach. Prioritizing security, we have ensured all our key services are on the most recent approved updates and have validated that multiple layers of our security model will stop the known Solarwinds/FireEye hack threats. We are also working with our key partners and supply chain to ensure they also remain secure. Imprivata Security Operations will continue to monitor Imprivata-owned IT assets to ensure that neither the security or privacy of our customers or their data is compromised.

If any of our customers have any concerns about whether they could be directly at risk, we highly recommend they reach out the impacted vendors and key security partners as well as review current US Department of Homeland Security’s guidelines around the threat. Imprivata regularly provides updates and upgrades to release new features, improve security, and fix bugs. We recommend upgrading to the latest version once it is available.