6 Eye-Raising Third-Party Breaches
This year's headlines have featured a number of high-profile exposures caused by third parties working on behalf of major brands.
August 10, 2018
![](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt6c05c8da3e318137/64f0d5f168918c074252369b/01-thirdparty.jpeg?width=700&auto=webp&quality=80&disable=upscale)
According to data released earlier this year, the most expensive data breaches start with third parties. Whether it is from poor configuration of online resources managed by a service provider, insecure third-party software, or insecure communication channels with partners, working with third parties can expose organizations to a ton of risks if they don't pay close enough attention.
This year has offered up some crucial examples of the consequences of lax partner and vendor management. Here are a half-dozen highlights.
This week provided the most recent example of the risks posed by third parties when TCM Bank, a credit card issuer for small US banks, announced it had been exposing card applicant data for 16 months. The culprit in question? A misconfigured website managed by an unnamed third-party vendor.
Symantec's identity protection service, Lifelock, suffered an embarrassing incident in June when it was found that an information leakage bug on its site was exposing millions of customer email addresses. Symantec blamed the problem on a third party, which was responsible for managing the opt-out marketing page that was causing the issue.
Nuance, a third-party provider of speech recognition software, offers many healthcare organizations medical transcription services. In May the company exposed 45,000 patient records on behalf of clients including the San Francisco Department of Health and UC San Diego when it failed to stop a breach of its systems.
According to data released earlier this year, the most expensive data breaches start with third parties. Whether it is from poor configuration of online resources managed by a service provider, insecure third-party software, or insecure communication channels with partners, working with third parties can expose organizations to a ton of risks if they don't pay close enough attention.
This year has offered up some crucial examples of the consequences of lax partner and vendor management. Here are a half-dozen highlights.
About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024