Information of seven current and former Palo Alto employees was accidentally exposed by an external partner. The information was apparently posted back in February and included names, dates of birth and Social Security numbers, but they did not verify the location where the information was posted. Palo Alto has also denied identifying the company that caused the security incident, but they did confirm that they have since cut ties with them. An employee who was affected made an anonymous statement that read, “I couldn’t believe it. Of all the firms in the world to be hit by a breach, you would expect Palo Alto, one of the biggest cybersecurity companies in the world, to be able to keep on top of it. I’m disappointed they have decided to protect whoever was responsible for my information being put out there. Sure, they might not be working for them anymore – but who’s to say they won’t do something like this elsewhere?”
When dealing with a third party, it is always important to assess their security posture. It has become more prevalent for third-party companies to cause security risks, even if it is by accident. Make sure any company that is dealt with will properly secure your data.