Andorra la VellaAs a result of the cyber attack suffered last week by the technology service provider Andornet, the Andorran Data Protection Agency (APDA) reported on Monday that a total of 32 partial notifications of personal data security breaches had been received.
At the moment, the entity’s inspection area is analyzing the situation and it is expected that over the next few days it will be able to confirm the actual impact of the attack in terms of the breach of personal data.
From the agency, however, it is insisted that the fact of having received a notification “does not mean that the privacy of customers or the population has been compromised, since most entities have not yet been able to determine the scope”.
However, they remind the affected institutions and companies that “they have the obligation to notify the APDA of the violation and that the data controller must communicate it to the affected persons without undue delay”, as the article states 38 of the qualified data protection law (LQPD).
In order to facilitate the work, the APDA already published last week through social networks the links to access the form for notifications of security breaches of personal data, as well as an informative guide for notifications of security breaches of personal data to know what steps those affected must follow.