Three #capitolhillbreach and #solarwindsbreach parallels: (1) attackers gained command and control over assets and information for relatively long periods, unmonitored, (2) understanding the data security damage, and recovering from the reputational damage, will not be easy, and (3) in both cases, there were definitely not "good people on both sides"... And two critical differences: (1) Capitol Hill attackers relied on brute force access through poorly protected front doors, not a hidden backdoor, and (2) the Solarwinds breach wasn't also a #superspreader event.