Home CII/OT The Vendor Responsible for Third-Party Breaches

The Vendor Responsible for Third-Party Breaches

The Vendor Responsible for Third-Party Breaches

The recent data breach affecting nearly 30,000 individuals has put Fidelity Investments Life Insurance Company (FILI) in the spotlight. The breach, which was facilitated by a third-party service provider, Infosys McCamish (IMS), has raised concerns about the security of personal information stored by these companies.

IMS first alerted Fidelity to the breach in November after discovering a “cybersecurity event” that compromised its systems between October 29 and November 2. An investigation conducted by both IMS and a third-party firm revealed that an unauthorized actor was able to access and obtain sensitive data stored on these systems. While the exact nature of the information accessed remains unclear, Fidelity reports that it likely included individual names, Social Security numbers, states of residence, bank account and routing numbers, and dates of birth.

This incident marks the second time this year that IMS has been implicated in a third-party breach, with the previous incident affecting Bank of America and compromising the data of over 57,000 customers. The similarities between the two breaches are concerning, raising questions about the security protocols in place at IMS and the potential vulnerabilities that may exist within their systems.

The frequency and impact of third-party security breaches have been on the rise, with experts warning that enterprises must improve their capabilities to manage and govern third-party access as part of their identity-security programs. Jeff Margolies, Chief Product and Strategy Officer at Saviynt, emphasized the importance of securing third-party relationships to prevent unauthorized access to critical data.

In response to the breach, Fidelity is taking steps to assist affected individuals, offering 24 months of credit monitoring through TransUnion Interactive. Additionally, the company is urging merchants to carefully review their financial statements and credit reports for any signs of fraudulent or suspicious activity. Any concerning activity should be reported to the appropriate authorities for further investigation.

As Fidelity works to address the fallout from this breach and collaborates with IMS to enhance security measures, the incident serves as a reminder of the ongoing threats posed by cyberattacks and the importance of safeguarding personal information. With data breaches becoming increasingly common, companies must remain vigilant and proactive in their efforts to protect customer data and prevent future security breaches.

Source link


Please enter your comment!
Please enter your name here