Earlier today, both Truist and Baird downgraded SolarWinds (SWI) to Neutral-equivalent ratings following last week's report by the company of a hack attack that is still being investigated. On December 14, the company disclosed that it has been made aware of a cyberattack that inserted a vulnerability within its Orion monitoring products which, if present and activated, could potentially allow an attacker to compromise the server on which the Orion products run. Alongside multiple U.S. government agencies, Microsoft (MSFT) was also breached as part of the suspected Russian campaign that targeted the widespread use of software from SolarWinds, according to Reuters. 

MOVING TO THE SIDELINES: Truist analyst Terry Tillman downgraded SolarWinds to Hold from Buy with a price target of $14, down from $26. The disclosed cyberattack that impacted SolarWinds' Orion network monitoring products resulted in the stock losing 40% of its value, versus 5% median gain for the analyst's software coverage group, Tillman told investors. While frustrating to react after such a large move with a downgrade, he lacks visibility into potential business and financial model impacts. Without any ability to assess the impact of the cyberattack to revenue, especially maintenance revenue, as well as earnings and cash flow, the analyst is "uncomfortable" maintaining a Buy rating, he said.

Meanwhile, Baird analyst Rob Oliver also downgraded SolarWinds to Neutral from Outperform with a price target of $15, down from $24. The recent high-profile hack may create "prolonged uncertainty" which could continue to pressure shares, even after the recent pullback, Oliver told investors in a research note of his own. The breach could impact SolarWinds' growth expectations due to potential damage to its brand, the analyst added. Further, he argued that the "unfortunate timing" of the CEO transition brings an "unknown" to investors at a critical time.

WHAT'S NOTABLE: Commenting on "the highly publicized nation-state cyberattack on SolarWinds," Mizuho analyst Gregg Moskowitz told investors that the hack reinforces the need for a strong security posture against sophisticated cyberattacks. The analyst expects the "mega-breach" to trigger additional spend from governments and organizations in 2021. Security sub-segments that could be primary beneficiaries include next-gen endpoint security companies like Crowdstrike (CRWD), vulnerability management companies like Qualys (QLYS), Rapid7 (RPD) and Tenable Holdings (TENB), cloud access/protection names like Palo Alto Networks (PANW) and Zscaler (ZS), and identity and privileged access management companies like CyberArk (CYBR), Okta (OKTA), Ping Identity (PING) and SailPoint (SAIL), Moskowitz added.

PRICE ACTION: In afternoon trading, shares of SolarWinds have gained over 13% to $16.03.