On the evening of 07 June 2023 pacific time, Tealium became aware of the MoveIT ransomware attack. Tealium’s security operations team conducted an assessment via scanning and querying our configuration management database and verified we DO NOT use MoveIT software within our environment.
What do Customers need to do?
Nothingin relation to Tealium’s Services. Continue to use Tealium’s Services as normal.
Will Tealium notify Customers?
In the event we identify any new connections with MoveIT in our environment in the future, we will invoke our Incident Response processes outlined in our Incident Response Policy and notify affected Customers (if any) in accordance with our Notification Policy.
Compliance, Governance and Audits
Tealium agrees to compliance with all applicable legal and regulatory requirements. See Tealium’s terms at tealium.com/terms
CPP: 1. Data Processing.
2.2 Compliance with Laws. Each party will comply with all Data Protection Laws and Regulations applicable to it and binding on it in the provision or receipt of Services under the MSA, including all statutory requirements relating to data protection.
Tealium has an Information Security and Privacy Management System (“ISPMS”) that defines the implementation of our ISPMS program. The ISPMS program has executive oversight by the ISPMS Governance Council that meets quarterly.