Millions of bank loan and mortgage docs are now in the hands of hackers thanks to a 3rd party analytics firm

Breaking news! Be aware! This morning millions of mortgage and bank loan documents have been exposed by Ascension.
For those who don’t know Ascension is a data and analytics company that is serving the financial industry, its main activity is to convert paper documents into readable digital optical character recognition (OCR) files.
This huge cybersecurity breach illustrates very well one of the complexities of the third party risk management approach.

Experts are saying that even worse is the fact that at least one of the banks, affected by the breach, wasn’t even a customer of the Ascension which is responsible for this data leak.

The bank is unwillingly involved because the hackers hit hard on the subcontractors or downstream service providers. Because of this subcontractor idea of business, many companies suffer hard even if they don’t have any business relationship with each other.

Remember everything can be hacked. In order to stay away from any threats related to the cyber world, we recommend the install of antivirus for Windows or antivirus for Mac on every device that you own, depending on which OS your device is running. If you are a company, it is also recommended to hire every year a specialized cybersecurity company that will run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests;

Don’t make the mistake to think that you as a person are safe of this kind of destructive business policies; în fact even individuals can be affected by breached companies of which they have no explicit relationship, such as credit bureaus and data brokers.

Dangerous facts like this push experts to urge the need for collaboration in third-party risk management approach.
The idea of such collaboration is based on the fact that a complex network of threats demands a strong network of organizations that develop and share knowledge, practices, and standardized expectations for all third parties. All members of the collective intelligence approach need to implement third-party risk management tools, education, and certifications, in both public sector entities and private companies worldwide in order to reduce the risk of such devastating cyberattacks.

We would continue to monitor this cybersecurity problem. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or antivirus for Mac in every device that you own, depending on which OS your machine is running, If you are a company we recommend to hire every year a specialized cybersecurity company that will run annual tests on your company’s network, tests like this include: penetration testing and ethical hacking.