Time to validate contractor security protocols
A massive data breach last week known as #BlueLeaks exposed ten years of data from over 200 police departments, fusion centers, and other law enforcement sites across the country that contain sensitive personal, banking and security information. The leak came from Netsential, a web-based services firm used to collect and share data among law enforcement entities. Once the Netsential website was compromised, the hackers gained access to client data.
This data breach highlights the importance of ensuring that data, web, and cloud security for third party contractors is carefully reviewed to ensure that it is maintained at the highest level to secure all Commonwealth data. It is a good time to review current contracts and other agreements to validate security protocols, staff training, and data storage protections that will prevent theft of Commonwealth data.
Visit the Cyber Center for additional resources and links for cyber alerts, and contact CTREmergencyNotification@mass.gov with any incidents or suspected incidents of fraud or cyber attacks.