Perry Johnson & Associates (PJ&A) is a prominent company in the United States responsible for managing patient information by providing ‘medical transcription solutions’ to healthcare institutions. In May 2023, PJ&A was breached, resulting in one of the most significant threats to the privacy of personal information. Although not confirmed by PJ&A, experts in the field claim the data breach may be the result of hackers exploiting vulnerabilities in the supply chain. While it’s not always a result of the company’s negligence or wrongdoing, there are ways to enhance security. To mitigate the risk of such breaches, Sling provides an all-encompassing third-party risk assessment platform that can help maintain cyber integrity in the supply chain.
It is important to note that the breach impacted approximately 9 million individuals in America, emerging as one of the biggest identity hacks in 2023. The information leaked compromises not only the victims but also third parties connected to PJ&A. Being part of a complex supply chain, PJ&A’s vulnerabilities have affected many medical institutions working with their systems. The information leaked may be used for various tactics employed by hackers to jeopardize individuals’ well-being. In the wrong hands, the information can be used to impersonate people, giving hackers access to financial information, bank accounts, and serving as a gateway for identity theft. Moreover, if exploited, the information can be used for blackmail or even sold to individuals operating on the darknet.
PJ&A serves as a proper case study for understanding the importance of third-party risk management (TPRM). Whether the data breach resulted from exploiting vulnerabilities in third parties collaborating with PJ&A, or if PJ&A itself acted as a third party impacting medical institutions, the importance of third-party risk management cannot be overstated. TPRM serves as a valuable strategy in anticipating breaches and predicting hacks by analyzing vulnerabilities in the supply chain. Moreover, TPRM mitigates the threat posed to attacked assets by correctly managing registered information.
With the utilization of verified information and collected data, Sling can predict where attacks might happen. Using a deep assessment of known vulnerabilities in supply chains, Sling has created an intricate scoring system that helps businesses assess their vendors and find vulnerabilities before they are exploited. By doing so, our solution can help you make informed decisions about your security strategy.
In the event of an unwanted breach, Sling can offer technical evaluations to identify compromised assets and assist in verifying known malware within your supply chain, enabling prompt adjustments to be made.