JetBrains Security TeamCity

Statement on the story from The New York Times regarding JetBrains and SolarWinds

Read this post in other languages:

Please make sure you also read the follow-up post from the 7th of January

The New York Times has published a story in which they point to JetBrains being under investigation and somehow related to the SolarWinds breach that recently took place.

First and foremost, JetBrains has not taken part or been involved in this attack in any way. SolarWinds is one of our customers and uses TeamCity, which is a Continuous Integration and Deployment System, used as part of building software. SolarWinds has not contacted us with any details regarding the breach and the only information we have is what has been made publicly available. It’s important to stress that TeamCity is a complex product that requires proper configuration. If TeamCity has somehow been used in this process, it could very well be due to misconfiguration, and not a specific vulnerability. Furthermore, security is our top concern and we notify and manage updates transparently in our Security Bulletin.

Secondly, we have not been contacted by any government or security agency regarding this matter, nor are we aware of being under any investigation. If such an investigation is undertaken, the authorities can count on our full cooperation.

We remain open to answering any and all questions regarding this matter and as always are committed to delivering the best possible products and services to our customers.

Thank you
Maxim Shafirov
Chief Executive Officer

image description