Published: April 1, 2024
By Annie blog posts
Tuesday, April 30, 2024
Nothing to report.
XL8, a deep-tech startup specializing in AI-powered machine translation technology, announced the completion of its SOC 2 Type 2 accreditation.
CyberArk, an identity security company, announced the completion of its SOC 2 Type 2 and SOC 3 accreditations.
OSARO, a robotics AI software company in the e-commerce fulfillment sector, announced the completion of its SOC 2 Type 2 accreditation.
SessionGuardian, a provider of continuous identity assurance and data protection solutions, announced the completion of its SOC 2 and ISO/IEC 27001:2022 certifications.
WurkNow, a leader in workforce management solutions, announced the completion of its SOC 2 Type 1 accreditation.
HSBlox, Inc., an organization that provides healthcare organizations with the tools and support to manage value-based programs successfully and sustainably, announced the completion of its SOC 2 Type 1 accreditation.
Sora Finance, a technology firm in the financial advisory sector, announced the completion of its SOC 2 accreditation.
Four of America’s largest mobile operators sold access to customer location data to third parties without gaining customer consent or putting adequate safeguards in place, the FCC has claimed. The US communications regulator issued its judgement yesterday, fining Sprint ($12m), T-Mobile ($80m), AT&T ($57m) and Verizon ($47m) close to $200m in total for breaking the law. Read more here.
Monday, April 29, 2024
Coffee County, GA – The computer infrastructure of a Georgia county at the center of an effort to falsely claim that the state’s 2020 presidential election was marked by fraud was struck by a cyberattack earlier this month that prompted state officials to sever Coffee County’s access to statewide election systems. Officials have been forced to use laptops and cellular networks to connect to the system since last week. Read more here.
DigiCert, a global provider of digital trust, announced the completion of its SOC 2 Type 2 accreditation.
Nothing to report.
Friday, April 26, 2024
Nothing to report.
EchoGlobal, a Ukraine-based IT staffing and team augmentation provider, obtained ISO 27001 certification.
Nothing to report.
Thursday, April 25, 2024
Nothing to report.
Joshu, the platform to build, distribute, and grow digital insurance products, announced the completion of its SOC 2 accreditation..
The Coterie, a provider of software products for investors and managers of alternative assets, announced the completion of its SOC 2 Type 2 accreditation.
Devexperts, a provider of software and services for the financial industry, announced the completion of its SOC 2 Type 2 accreditation.
The Czech Republic’s data protection authority (DPA) issued a fine of 351 million Czech koruna (USD $15 million) against antivirus software vendor Avast for alleged violations of the GDPR. Read more here.
Wednesday, April 24, 2024
Nothing to report.
Axiom Cloud, which uses AI and automation to efficiently detect refrigerant leaks for grocery retailers and cold storage facilities, announced the completion of its SOC 2 accreditation.
ScalePad, announces the achievement of SOC 2 Type II and ISO 27001 compliance certifications for its products Lifecycle Manager, Lifecycle Insights, Backup Radar, and ControlMap.
Nothing to report.
Tuesday, April 23, 2024
Change Healthcare – Change Healthcare, a major US medical firm, has suffered a disruptive ransomware attack by AlphV (BlackCat), impacting pharmacies nationwide.
Current Status:
DwellFi, a provider in the fintech industry specializing in AI, blockchain, and tokenization solutions for Private Funds and Fund Administrators, announced the completion of its SOC 2 Type 1 accreditation.
Konnech Inc., a provider of software solutions for election management, announced the completion of its SOC 2 accreditation.
Bluemeteor, a provider n AI-powered product content management, obtained ISO 27001 certification.
Nothing to report.
Monday, April 22, 2024
Nothing to report.
BurstIQ, a provider of advanced data management solutions for the secure handling and sharing of data, announced the completion of its SOC 2 Type 2 accreditation.
Tiny Technologies, a provider of innovative rich text editing solutions under the Tiugo Technologies brand, announced the completion of its SOC 2 Type 2 accreditation.
Nothing to report.
Friday, April 19, 2024
Nothing to report.
Pickcel, a provider of digital signage solutions ,recently achieved ISO 27001 certification.
Nothing to report.
Thursday, April 18, 2024
New York State Legislature – State officials are investigating a major cyberattack on the government agency charged with drafting state budget bills.The investigation comes as the Legislature and governor are finalizing the details of the $237 billion state budget. Read more here.
The United Nations Development Programme (UNDP) – In a statement, the organization said the attack targeted local IT infrastructure in UN City, the Copenhagen-based complex that houses nearly a dozen UN agencies. The UNDP said it learned on March 27 that a “data-extortion actor had stolen data which included certain human resources and procurement information”. While UNDP has not shared any additional information on the incident, the organization was apparently targeted in a ransomware attack conducted by a group named 8base.
DataDome, whose mission is to rid the web of fraudulent traffic, announced the renewal of its SOC 2 Type 2 accreditation.
QualiZeal Inc., a provider of Digital Quality Engineering services, announced the completion of its SOC 2 Type 2 accreditation.
EarlyBirds, an Australian innovation intelligence platform, recently achieved ISO 27001 certification.
Pano AI, a company focused in artificial intelligence-driven wildfire detection, recently achieved ISO 27001:2022 certification.
Nothing to report.
Wednesday, April 17, 2024
Nothing to report.
Forward Networks, a company that develops enterprise software for network management and software-defined networking, announced the completion of its SOC 2 Type 2 accreditation.
Landis, a platform paving the way for renters to become homeowners, announced the completion of its SOC 2 Type 2 accreditation.
Nothing to report.
Tuesday, April 16, 2024
Nothing to report.
Certify, a provider intelligence platform powered by API integrations and hundreds of verified data points, announced the completion of its SOC 2 Type 2 accreditation.
TaxDome, a provider of integrated software solutions for tax professionals and accountants, announced the completion of its SOC 2 Type 1 accreditation.
Circle, a financial technology company and $USDC issuer, announced the completion of its SOC 2 Type 2 accreditation.
Polygon Labs, a player in the blockchain industry, has achieved ISO 27001:2022 certification.
Nothing to report.
Monday, April 15, 2024
Nexperia, a Chinese-owned semiconductor company headquartered in the Netherlands, has announced being hacked after a ransomware group uploaded what it claimed were stolen confidential documents to a darknet extortion site. In a statement late last week, the company said it had “become aware that an unauthorized third party accessed certain Nexperia IT servers in March 2024.
Jumbula, a provider of online registration, payment, and class/camp management, announced the completion of its SOC 2 Type 1 accreditation.
Layer3, a provider of cloud and AI-driven network solutions in Nigeria, has achieved ISO 27001:2022 recertification.
Orbyt, is an integrated Software-as-a-Service platform providing a one-stop shop for multi-channel distribution and payments, recently completed the ISO 27001 certification.
Nothing to report.
Friday, April 12, 2024
New Mexico Highlands University officials canceled classes through April 14 as they’re still dealing with a ransomware incident. Officials say the incident took systems offline and prompted an ongoing investigation. Several systems are still offline, including the MyNMHU portal.
Nothing to report.
Nothing to report.
Thursday, April 11, 2024
Nothing to report.
Fraud.net, a fraud and risk management platform, announced the completion of its SOC 2 Type 2 accreditation.
Balance, Canada’s oldest and largest digital asset custodian, announced the completion of its SOC 2 Type 2 accreditation.
Nuvo, the leading trade credit technology platform, announced the completion of its SOC 2 Type 2 accreditation.
Computers Unlimited, a software development company, announced the completion of its SOC 2 Type 2 accreditation.
Bridgeline Digital, Inc., a global leader in AI-powered marketing technology, announced the completion of its SOC 2 Type 2 accreditation.
3. Company Fines
Nothing to report.
Wednesday, April 10, 2024
Nothing to report.
DocNetwork, an electronic records oganization for camps, schools and childcares, announced the completion of its SOC 2 Type 2 accreditation.
Kredit, a centralized debt resolution platform and network, announced the completion of its SOC 2 Type 1 accreditation.
Uniken, a provider of security, authentication, and identity verification, announced the completion of its SOC 2 Type 2 accreditation.
Interpres Security, a company dedicated to optimizing defenses against prioritized threats targeting organizations to reduce threat exposure, announced the completion of its SOC 2 Type 2 accreditation.
Blue Mountain, a leader in GMP-compliant EAM (Enterprise Asset Management) software for life sciences, announced the completion of its SOC 2 Type 2 accreditation.
Enlyft, a predictive selling platform for go-to-market teams, obtained ISO 27001 and ISO 27701 certifications and renewed its SOC 2 Type 2 accreditation.
Quickparts, a global provider of on-demand manufacturing services, has achieved ISO 27001:2022 certification.
3. Company Fines
Nothing to report.
Tuesday, April 9, 2024
GBI Genios, a database company used by numerous media organizations in Germany, announced on Tuesday its servers were unavailable “due to a massive hacker attack.” In a post on LinkedIn, Genios said the incident was a ransomware attack and cautioned, “unfortunately we have to assume an outage for several days.”
The Group Health Cooperative of South Central Wisconsin (GHC-SCW) filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that it was the target of a ransomware attack. In this notice, GHC-SCW explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, addresses, telephone numbers, email addresses, dates of birth, Social Security numbers, member numbers, and Medicare / Medicaid numbers.
Interpres Security, a company optimizing defenses against prioritized threats targeting organizations to reduce threat exposure, announced the completion of its SOC 2 Type 2 accreditation.
TradeCentric, a provider of B2B connected commerce solutions powering integration and automation between eCommerce and eProcurement systems, announced the completion of its SOC 2 Type 2 accreditation.
Certiverse, an exam development and delivery platform that leverages advanced technology to transform the way exams are created and administered, announced the completion of its SOC 2 Type 2 accreditation.
Smith, a leading global distributor of electronic components and semiconductors, recently completed the ISO/IEC 27001 certification.
3. Company Fines
Nothing to report.
Monday, April 8 2024
Change Healthcare – Change Healthcare, a major US medical firm, has suffered a disruptive ransomware attack by AlphV (BlackCat), impacting pharmacies nationwide.
Current Status:
OMS, is an end-to-end platform which covers product areas such as residential, buy-to-let, second charge, equity release, bridging, commercial plus general insurance, and protection., recently completed the ISO 27001 certification.
AddSecure, a European provider of secure IoT connectivity and end-to-end solutions and a fast-growing business, recently completed the ISO 27001 certification.
3. Company Fines
Nothing to report.
Friday, April 5, 2024
Panera Bread recently experienced a week-long outage due to a ransomware attack, according to reports. The attack encrypted many of the company’s virtual machines, causing data and application access issues. Panera Bread has restored some systems from backups to address the situation. Read more here.
Jackson County, Missouri, declared a state of emergency and indefinitely closed key offices due to a ransomware attack, causing significant disruptions in its IT systems.
Current Status:
KopenTech LLC, an electronic trading and analytics platform for structured products, announced the completion of its SOC 2 Type 2 accreditation.
Cymbio, the leading marketplace and dropship automation platform for brands, has achieved the ISO27001:2022 certification.
3. Company Fines
Nothing to report.
Thursday, April 4, 2024
Nothing to report.
Wrike, a work management platform, announced the completion of its SOC 2 Type 2 accreditation and all ISO 27k series certifications.
Routespring, a provider of corporate travel solutions, announced the completion of its SOC 2 Type 2 accreditation.
Barcoding, Inc., a company in supply chain efficiency, accuracy and connectivity, announced the completion of its SOC 2 Type 1 accreditation.
Ireckonu, a Hospitality Middleware and Customer Data Platform for hotel chains, has achieved the ISO27001:2022 certification.
WiTTRA, an innovator in the Internet of Things (IoT) solutions, proudly announces its achievement of the ISO 27001 certification.
3. Company Fines
Nothing to report.
Wednesday, April 3, 2024
Strategic Technology Solutions (STS), a firm specializing in delivering Managed IT, Cloud and Cybersecurity services to the legal sector, announced the completion of its SOC 2 Type 2 accreditation.
VIQ Solutions Inc., a global provider of secure, AI-driven, digital voice, and video capture technology and transcription services, announced the completion of its SOC 2 Type 1 accreditation.
Zero&One, a cloud-focused consultancy firm, has achieved the ISO27001:2022 certification.
3. Company Fines
Nothing to report.
Tuesday, April 2, 2024
Nothing to report.
BridgeFT, a cloud-native, API-first wealth infrastructure software company, announced the completion of its SOC 2 Type 2 accreditation.
XiltriX North America, a provider of real-time environmental monitoring systems for the life science industry, announced the completion of its SOC 2 Type 2 accreditation.
TicketRev, a demand-driven technology platform for live event tickets, announced the completion of its SOC 2 Type 1 accreditation.
RallyWare , the Performance Enablement Platform for large sales forces, announced the completion of its SOC 2 Type 1 accreditation.
ChurnZero, the platform and partner for customer success, has earned ISO 27001 certification.
3. Company Fines
Nothing to report.
Monday, April 1, 2024
Florida Memorial University (FMU), South Florida’s sole historically Black college or university, has reportedly been targeted in a cybersecurity breach by the ransomware group INC Ransom. The extent of compromised data remains uncertain and FMU has not released an official statement regarding the breach. INC Ransom has demonstrated their malicious intent by uploading a ‘proof pack’ on their website, featuring scans of passports, Social Security numbers, and contractual documents allegedly obtained from FMU’s databases.
Tether, a cryptocurrency company, announced the completion of its SOC 2 Type 1 accreditation.
3. Company Fines
Nothing to report.
Charlies is a 14 year cyber security expert. He started his career in the U.S. armed forces and then transitioned into commercial roles. A security engineer by training, he's well-versed in tool deployment and administration.
Ellen bring a decade of GRC expertise to the TalPoint community. She's knowledgeable on a variety of frameworks and employs a methodical approach to compliance. She's available for needs assessments, gap assessments, internal audits, and for certain frameworks running independent 3rd party audits.
Zachary bring a 20+ year career in risk management to the TalPoint community. He's worked across healthcare, finance, and supply chain manufacturing. His broad experience offers both a holistic view of risk as well as a common sense approach to risk management.