The U.K. Information Commissioner’s Office (ICO) will not investigate the British Library following a cyberattack in October 2023, in line with its shifting focus on ransomware incidents. This decision reflects a broader decrease in ICO investigations of such breaches, as the agency prioritizes resource allocation. The British Library’s transparent response and commitment to improved security measures have been commended, contrasting with other organizations that faced penalties after similar attacks.
Keypoints :
- The ICO will not pursue an investigation into the British Library following an October 2023 cyberattack.
- Investigations of ransomware breaches by the ICO have decreased significantly from 2019/2020 to 2024.
- The British Library was praised for its transparent incident review and refusal to pay an extortion fee.
- The library’s review highlighted key lessons learned to assist other organizations facing similar issues.
- ICO commended the British Library for openly addressing its security vulnerabilities rather than penalizing it.
- This decision contrasts with recent fines imposed on other organizations like Advanced and DPP Law for their cyberattack responses.
- ICO emphasizes the importance of proactive risk assessments and implementing security measures like multi-factor authentication.
Read More: https://therecord.media/british-library-no-ico-investigation-ransomware-attack