#3rdpartyrisk — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #3rdpartyrisk, aggregated by home.social.
-
Another case of third party risk biting hard. APCS, a major background check provider, is dealing with a breach traced to its software supplier Intradev. The exposed data includes passport, license, and national insurance details, which is a nightmare in terms of fraud risk. Once again, sensitive personal data ends up vulnerable not through the primary service but through a vendor down the chain.
TL;DR
⚠️ Supplier compromise
🛠️ Sensitive IDs exposed
🔍 ICO now investigating
📌 Financial data spared (so far)https://www.theregister.com/2025/08/22/apcs_breach/
#cybersecurity #databreach #riskmanagement #infosec #security #privacy #cloud #infosec #3rdPartyRisk -
Another case of third party risk biting hard. APCS, a major background check provider, is dealing with a breach traced to its software supplier Intradev. The exposed data includes passport, license, and national insurance details, which is a nightmare in terms of fraud risk. Once again, sensitive personal data ends up vulnerable not through the primary service but through a vendor down the chain.
TL;DR
⚠️ Supplier compromise
🛠️ Sensitive IDs exposed
🔍 ICO now investigating
📌 Financial data spared (so far)https://www.theregister.com/2025/08/22/apcs_breach/
#cybersecurity #databreach #riskmanagement #infosec #security #privacy #cloud #infosec #3rdPartyRisk -
A new Clorox lawsuit shows that our biggest security risk remains people, not technology. Attackers from Scattered Spider simply phoned the the Clorox helpdesk run by Cognizant and just asked them for passwords.... and they gave them up! Hackers didn't need deep tech skills, just weak verification from Cognizant. 🤬
TL;DR
⚠️ Attackers phoned in to get passwords with no checks
🔐 Lack of identity verification is a major failure point
🛠️ Companies must tighten help desk protocols and training
📌 Liability can ripple far beyond breach response costshttps://www.reuters.com/legal/government/lawsuit-says-clorox-hackers-got-passwords-simply-by-asking-2025-07-22/
#cybersecurity #socialengineering #helpdesksecurity #riskmanagement #security #privacy #cloud #infosec #3rdPartyRisk #OutsourcingFail -
A new Clorox lawsuit shows that our biggest security risk remains people, not technology. Attackers from Scattered Spider simply phoned the the Clorox helpdesk run by Cognizant and just asked them for passwords.... and they gave them up! Hackers didn't need deep tech skills, just weak verification from Cognizant. 🤬
TL;DR
⚠️ Attackers phoned in to get passwords with no checks
🔐 Lack of identity verification is a major failure point
🛠️ Companies must tighten help desk protocols and training
📌 Liability can ripple far beyond breach response costshttps://www.reuters.com/legal/government/lawsuit-says-clorox-hackers-got-passwords-simply-by-asking-2025-07-22/
#cybersecurity #socialengineering #helpdesksecurity #riskmanagement #security #privacy #cloud #infosec #3rdPartyRisk #OutsourcingFail