Ion wasn’t deemed a ‘critical’ vendor by most clients

The software firm escaped heavy scrutiny ahead of its cyber attack, says a US Treasury official.

Ion Group, which suffered a ransomware attack on January 31 that disabled some of its services and initially raised systemic fears, was not classified as a critical third-party vendor by many of its clients, according to a US Treasury official.

“Many firms that were onboarded [by] Ion didn’t use the highest level of scrutiny that they use for their most critical third-party vendors,” said Todd Conklin, deputy assistant secretary in the US Treasury department’s Office of Cybersecurity and

Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.

To access these options, along with all other subscription benefits, please contact or view our subscription options here:

You are currently unable to copy this content. Please contact to find out more.

Sorry, our subscription options are not loading right now

Please try again later. Get in touch with our customer services team if this issue persists.

New to Waterstechnology? View our subscription options

If you already have an account, please sign in here.

The Cusip lawsuit: A love story

With possibly three years before the semblance of a verdict is reached in the ongoing class action lawsuit against Cusip Global Services and its affiliates, Reb wonders what exactly is so captivating about the ordeal.

You need to sign in to use this feature. If you don’t have a WatersTechnology account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here