Hartford Office Managing Partner Ted Augustinos, a member of the steering committee of Locke Lord’s Privacy and Cybersecurity Practice Group, was quoted in a Bloomberg Law article discussing data breach notification considerations for entities that could have been compromised in the recent hack of SolarWinds or similar cybersecurity incidents. Augustinos pointed out that while it’s unlikely that every business that downloaded software with a security flaw would be compromised, it is prudent to err on the side of caution when considering whether to notify consumers of a breach.
“If you can show that the backdoor was not utilized on your systems and no one got to the data even though the vulnerability was there, you presumably would not trip the breach notification requirements,” Augustinos said.
“You don’t want to be wrong here,” he added. “You don’t want to not notify people and then find out everyone in your database was compromised.”
To read the full article, click here (subscription may be required).
Sign up for our newsletter and get the latest to your inbox.