John Xavier reports that India’s government has been slow to respond to a report by ethical hackers that had been shared with the U.S. Department of Defense Cyber Crime Center (DC3):
which initiated contact with the India’s National Critical Infrastructure Information Protection Centre (NCIIPC). Following this, the security team shared its 34-page threat report to NCIIPC on February 8.
Xavier continues:
Two weeks on, and after repeated follow ups, the country’s nodal agency is yet to give any update on remedial actions taken and breach notification processes followed despite running a responsible vulnerability disclosure programme (RVDP).
Read more on The Hindu. Does it sound realistic to have expected more within two weeks?