Questions to the Mayor of London – answered at on 13 September 2019.
Can you please confirm that no Metropolitan Police data was compromised in the Eurofins cyber-attack?
In order for Eurofins to recommence work and to understand the impact, if any, of the ransomware on their case information and records, Eurofins carried out a range of systems and data audits. They also carried out full User Acceptance Testing and method verification before recommencing work for all processes that involve interaction with IT systems.
The data audits and the method verification activities were subject to oversight by the Forensic Science Regulator’s office and all plans were submitted to United Kingdom Accreditation Service (UKAS).
All of the data audits confirmed the integrity of data and records including MPS data held by EFS.
In addition, UKAS carried out a specific assessment of Eurofins BCDR response and recovery actions across two days in July and included their Information Security Technical Assessor as part of the inspection team. Eurofins maintained their accreditations for all of their methods.