Proofpoint at the center of major data breaches

"Once more into the breach!" On March 4th, the Chicago Tribune reported 45,000 patients at the rush Universityh Medical Center got some bad news (read the whole story here). IMHO, probably a phishing or email impersonation attack, based upon this quote in the article:
At Rush, an employee of one of the hospital system’s billing processing vendors improperly disclosed a file to “an unauthorized party,” likely in May 2018, according to a letter sent to affected patients.
As reported by CSO (see the report here), the biggest data breaches of the 21st Century include Marriott, FriendFinder, Home Depot, and Anthem. One thing these companies all have in common with Rush is…yep…they are Proofpoint customers. None of them enforce DMARC email spoofing blocks. As I reported yesterday, neither does Proofpoint use DMARDC enforcement for its own systems.

My question:"How can this many CISOs be so clueless?" And you wonder why I started MadCISO.


Popular Posts