Each week Breach Clarity, recently acquired by Sontiq, compiles a list of what it considers to be notable data breaches—those that are worth highlighting because of the increased intensity of the risk to personal information. The Breach Clarity score identifies the level of risk on a scale of 1 to 10—the higher the score, the more severe the breach and level of risk.
This week features a slew of ongoing breach complexes involving the compromise of a data processor, which allowed perpetrators to gain access to the breached organizations’ clients’ data – dramatically expanding the scope of the breach. In spite of the breach being more than a year old, the Blackbaud breach complex continues to claim more victims, with six more Blackbaud-linked breaches added to our database this week. In total we have seen more than five hundred organizations affected by the Blackbaud breach, making it the most far-ranging breach complex we have encountered to date. The Barrett Business Services breach illustrates the challenge of managing vendor relationships to appropriately secure data, since they did not do business directly with the breached organization, but instead were affected through yet another vendor, Perkins & Co., which in turn used Netgain Technologies as a cloud hosting provider.