Jake Olcott, a vice president at Bitsight, said his company would describe this as a fourth party risk issue for major financial institutions. “What happened here is that the financial institutions sold loans to third party organizations, who then used Ascension Analytics to perform analysis on the loans. Ascension Analytics is the organization that experienced the security issue in this case.” He added, while a company like Citi arguably did nothing wrong, this is an example of a financial organization currently experiencing some reputational repercussions due to a fourth party cyber issue.
