Stefanie Ferrari of BakerHostetler writes:
Vendor-caused incidents continued to surge in 2021. Nearly 20 percent of the total incidents we handled last year were caused by vendors, with more than half requiring notification. As in prior years, vendor incidents involved phishing schemes and inadvertent disclosures but primarily resulted from ransomware attacks on the vendors’ systems. These ransomware attacks often involved the theft of customer data from a vendor’s environment or even spread of the ransomware from the vendor to the customer’s environment by utilizing the vendor’s own credentials.
Read more at DataCounsel.