Latest Research

This content is currently locked.

Your current Info-Tech Research Group subscription does not include access to this content. Contact your account representative to gain access to Premium SoftwareReviews.

Contact Your Representative
Or Call Us:
1-888-670-8889 (US/CAN) or
+1-519-432-3550 (International)

Comprehensive software reviews to make better IT decisions

Feeling Insecure at Wolters Kluwer After Security Breach

On May 6, 2019, a user noticed that the directories where updates to the company’s tax software were hosted were fully accessible (write and modify) by users. Suspicious files were present in the directory suggesting users had gained inappropriate access to the company’s file repository. This drew into question the security of the platform, which left users unsure of the extent of the breach, potentially affecting its customers’ sensitive client data.

Wolters Kluwer offers a wide array of financial and compliance software tools, including OneSumX, which provides mortgage lending, administration, and compliance software. In response to the breach, the company took many of its applications offline while it investigated the extent of the breach.

On May 13, the company issued a press release noting that the majority of the offline services had been restored. However, the company noted that select applications were still unavailable, leaving many customers confused and disappointed with the company’s poor communication throughout the outage and concerned about the future security of the company’s services.

In response to the breach, the Internal Revenue Service provided a seven-day extension to customers of the company for tax return types 990, 1120, and 1065.

Source: SoftwareReviews, Accessed July 4, 2019

Our Take

The breach at Wolters Kluwer highlights the critical importance of rigorous IT best practices. This instance highlights the need for security audits and procedures, data governance, and information security.

The breach has frustrated users, potentially causing them to reevaluate their product choice as well as their vendor relationship due to the company’s poor communications with customers throughout the service outage.

Want to Know More?

Build an Information Security Strategy

Combine Security Risk Management Components into One Program

Build a Vendor Security Assessment Service

Visit our Exponential IT Research Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019