CISObyte 04-30-2020
An effective 3rd-party risk management program can protect your company from possible reputational, operational, and litigation damages.
When you have the opportunity to protect your data, do it, don’t wait.
Legal risk is one of the several types or risk a company will face when defending against internet threats. This lawsuit against LabCorp by its investors will negatively affect an already-tarnished reputation, operations in terms of expected net cash loss, and of course the time and expense of the lawsuit itself. It may also bring personal liability for LabCorp’s officers: “LabCorp’s chief executive, chief information officer, and chief financial officer are specifically named in the Delaware court case, which accuses them of ignoring “persistently deficient cybersecurity measures” that led to a data breach and malware infection.”
“LabCorp’s board and top executives were hit with a Delaware lawsuit blaming them for investor losses stemming from two massive data breaches by a billing vendor that exposed the personal information of millions of patients.” “A data breach occurring at the American Medical Collection Agency (AMCA) lasted for a period of eight months, between August 2018 and March 2019. The billing agency’s breach, in which a threat actor was able to compromise internal networks, led to the theft of information belonging to at least 20 million US citizens.” “AMCA was unable to handle the financial ramifications of the security incident and later filed for bankruptcy.” “According to the lawsuit, failing to address these problems has impacted investors and resulted in financial losses due to share price changes, and therefore, damages are sought.”
- Risk Management
- Legal Risk
- 3rd-party Risk Management
- Data Loss Protection
