Cyber Breach and GDPR
Type of business: Insolvency Practitioner
Cyber security services:
GDPR review and report:
Our client: Insolvency Practitioner
GSI was approached by an insolvency practitioner who had been the victim of a ransomware attack. All files on their server had been encrypted and were no longer accessible.
- Data held on the server covered a period of 10 years.
- A significant amount of personal and confidential data was at risk.
- It was possible that their IT support company had been compromised.
Ransomware is usually about obtaining a payment to unencrypt files. Data theft is less common in this situation, but in case of data loss, it must be reported to the ICO. We were able to establish where the attack came from and the approximate time of the attack. By examining the company’s routers and through other means, we proved that subsequent to the ransomware attack, very little data had been transmitted by the server, so it could not have been stolen.
We also examined access points and established that the ransomware had used a gateway through the company’s IT support contractor. We raised the alarm to increase security of their servers and avoid replication with other clients.
Our in-house lawyer and GDPR expert prepared a report to fully comply with GDPR and we ensured protection of all sensitive data. The ransomware issue was resolved without the need to pay a ransom and the company was operational again a couple of days later.