Insights and analysis from the CYBERSOL team.
The ransomware attack on BridgePay Network Solutions—a payment processor serving Wichita's water utility—represents more than a temporary service outage.
When a Single Vendor Breach Cascades Across 80+ Banks, Regulatory Frameworks Reveal Their Structural Gaps
When Sedgwick Government Solutions—a federal contractor subsidiary of the larger claims administration firm Sedgwick—suffered a confirmed security breach, it...
The breach at Marquis Software—a marketing and compliance vendor serving hundreds of financial institutions—exposed personal information for over 235,000...
The Ticketmaster-Snowflake incident—where stolen credentials gained unfettered access due to absent multi-factor authentication—represents more than a single...
A healthcare technology vendor's 11-month unauthorized portal access affecting 3.6 million provider records represents a structural failure in third-party risk...
The TriZetto breach litigation exposes a structural governance failure that extends far beyond the vendor itself: health systems bear contractual and...
When a critical payment processing vendor experiences ransomware compromise, the liability and notification cascade extends far beyond the vendor itself. The Br
The Conduent ransomware incident—resulting in the theft of 8 TB of sensitive government payment and healthcare data—represents a critical failure point in...
The compromise of 38 million customer records through a third-party customer service vendor represents a structural failure in vendor risk governance that...
The EEOC security incident involving unauthorized contractor access represents far more than a technical failure.
The $17.25M settlement between PowerSchool and Chicago Public Schools represents a critical failure in third-party data stewardship that extends far beyond a...
A 2024 data breach at TriZetto Provider Solutions—affecting over 3 million individuals—exposes a critical governance failure that extends far beyond the vendor...
When a vendor's security infrastructure becomes the attack vector for a customer's breach, contractual accountability collapses.
The Qilin ransomware group's compromise of GJTec, a managed service provider operating across South Korean financial services, represents a structural...
When a single healthcare technology vendor experiences a security breach, the resulting notification obligations do not remain contained within that vendor's...
When Dickinson Public Schools in North Dakota lost $4.92 million to an email impersonation scam targeting a trusted vendor, the incident was widely reported as...
The claimed breach of Luxshare Precision Industry by ransomware group RansomHouse is not primarily a story about Apple's security.
Organizations operating under NIS2, DORA, and sectoral regulatory regimes face an uncomfortable structural reality: traditional vendor risk assessments rely on...
The Coinbase insider incident—involving a contractor's improper access to support tooling and subsequent data exposure—reveals a structural vulnerability in...
Browse by month