As the scope of the SolarWinds cyberattack is still being explored, CUNA’s compliance staff examine what credit unions can do next in a recent CompBlog entry.
The attack affected an estimated 18,000 SolarWinds customers, which include government agencies, Fortune 500 companies, financial institutions, and vendors serving financial institutions.
Credit unions running SolarWinds Orion software should refer to the company’s security advisory to determine whether systems were compromised and obtain the company’s breach mitigation recommendations.
Non-SolarWinds customers should contact their IT vendors to determine whether they utilized the SolarWinds Orion software, and if so, what steps they’re talking to ensure that the credit union’s data is secure.
NCUA’s rules and regulations call on credit unions to have in place procedures to: