Security News > 2020 > December > UK privacy watchdog warns SolarWinds victims to report data breaches
United Kingdom's Information Commissioner's Office has warned organizations that fell victim to the SolarWinds hack that they are required to report data breaches within three days after their discovery.
The UK independent authority urged organizations using compromised versions of the SolarWinds Orion IT management platform to check for evidence of attackers infiltrating their network and gaining access to personal information.
"If a reportable personal data breach is found, UK data controllers are required to inform the ICO within 72 hours of discovering the breach,"the data privacy watchdog said.
The UK National Cyber Security Centre has also issued guidance for organizations using SolarWinds Orion after the platform's compromise was disclosed on December 13th, 2020.
Microsoft, FireEye, SolarWinds, and the U.S. government publicly disclosed the security breach in a coordinated report revealing that SolarWinds had been hacked by a nation-state threat actor believed to be APT29, a hacking group associated with the Russian Foreign Intelligence Service.
News URL
Related news
- UK Trails Behind Europe in Technical Skills Proficiency, Coursera Report Finds (source)
- White House report dishes deets on all 11 major government breaches from 2023 (source)
- Privacy warriors gripe to UK watchdog about Meta harvesting user data to train AI (source)
- Australian Organisations Experiencing Highest Rate of Data Breaches, Reports Rubrik (source)