shutterstock_490960141-1

Industry News: ESG5

      Know Your Breach: Vertafore

      Nov 13, 2020 10:42:28 AM

      The target: Vertafore, a U.S based insurance provider. 

      The take: 27.7 million records of personally identifiable information including: driver license numbers, first and last names, date of birth, address, and vehicle registration history. 

      The attack vector: Three database files containing the above information were placed, through human error, on an unsecured external, third-party storage service with no authorization access. Meaning anyone with an internet connection had the ability to access and download the data.

      This breach highlights the importance of robust cybersecurity protocols and processes. Rigid steps around the transfer andmovement of data is needed to ensure maximum protection of sensitive information, with multiple checks to verify that the destination of the information is secure and expected safeguards are in place. When data is moved, the proper controls commensurate with the sensitivity of the data must travel with it.

      Read more...

      Topics:Know Your Breach

      About Castle Hall Diligence

      Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →

      Subscribe to Cyber Updates