In June, a file transfer program called MOVEit was breached by a Russian-speaking ransomware gang in what became one of the largest and highest profile third-party data breaches in history.
More than 16 million people (and counting) have had data exposed in the breach. Crucially from a cyber and data security perspective, all of this information was stolen after being shared by companies with their suppliers.
A lot of service providers and platforms used MOVEit in their operations. For example; the BBC, two airlines, a national retailer, a university and a Government department were all using an HR and Payroll platform which used MOVEit, resulting in employee details including names, addresses and national security numbers being stolen by the Russian criminals.
Almost two months after the breach, organisations are still discovering that their data was stolen and are having to notify staff, customers, shareholders and regulators.
The key takeaway for many organisations is that they share a lot more information with suppliers than they realised and that they have no visibility of how well suppliers are keeping it safe.
Darkbeam has supported more companies and charities than ever in recent weeks, even accelerating our onboarding process so that clients can go from zero supplier cyber risk visibility to a complete understanding of supplier vulnerabilities, threats and their business impact in less than a week.
In many cases, the free Supplier Cyber Risk Management training course provided by Darkbeam is the first exposure Procurement professionals have had to cyber and data risks within the suppliers they manage. Similarly, most Security teams have never had visibility across the third-party estate until Darkbeam is activated within their organisation.
To automate the process of identifying and monitoring cybersecurity vulnerabilities among suppliers, as well as alerting of supplier data breaches, speak to Darkbeam by calling 020 3833 0348 or getting in touch below.