SolarWinds Attack Prompts Calls for Companies to Disclose Hacks
One executive called disclosure rules “the only way we’re going to protect the country”
Hi, this is Alyza on Bloomberg’s cybersecurity team. Calls are growing for American companies to be more transparent about cybersecurity after suspected Russian hackers penetrated computer networks in the U.S. government and private sector.
We still don’t know the scope of the attack, which compromised software by the Texas-based firm SolarWinds Corp., pushing malicious code to as many as 18,000 of its customers in updates.
But how many of those companies were targeted for follow-on attacks by the hackers is still being investigated. The White House says it has identified nine federal agencies and about 100 private companies that may have been hit, though that number could grow as the inquiry progresses.
One reason we don’t know the full extent of the attack is there is currently no federal data breach notification law.