Security News > 2020 > December > UK privacy watchdog warns SolarWinds victims to report data breaches
United Kingdom's Information Commissioner's Office has warned organizations that fell victim to the SolarWinds hack that they are required to report data breaches within three days after their discovery.
The UK independent authority urged organizations using compromised versions of the SolarWinds Orion IT management platform to check for evidence of attackers infiltrating their network and gaining access to personal information.
"If a reportable personal data breach is found, UK data controllers are required to inform the ICO within 72 hours of discovering the breach,"the data privacy watchdog said.
The UK National Cyber Security Centre has also issued guidance for organizations using SolarWinds Orion after the platform's compromise was disclosed on December 13th, 2020.
Microsoft, FireEye, SolarWinds, and the U.S. government publicly disclosed the security breach in a coordinated report revealing that SolarWinds had been hacked by a nation-state threat actor believed to be APT29, a hacking group associated with the Russian Foreign Intelligence Service.
News URL
Related news
- How to use Apple’s App Privacy Report to monitor data tracking (source)
- Canvassing apps used by UK political parties riddled with privacy, security issues (source)
- UK watchdog investigates TikTok and Reddit over child data privacy concerns (source)
- UK watchdog probes TikTok and Reddit over child privacy concerns (source)