There will be more with Rich Baich in charge and actively hiring his pals. And yet we hired him after 2 major breaches elsewhere under his watch.
Over his career, Rich Baich was the sitting CISO during three major, highly publicized security incidents. In cybersecurity, managing a massive organization means navigating incidents that are often the result of legacy vulnerabilities, supply chain failures, or sophisticated fraud.Two of the most significant breaches in corporate history occurred while he was actively directing security operations, alongside one major internal corporate data leak.
- ChoicePoint (2005)The Incident: ChoicePoint, a major data broker, unknowingly sold the sensitive personal and financial data of over 163,000 consumers to identity thieves who were posing as legitimate business clients.Baich’s Role at the Time: He was the sitting Chief Information Security Officer (CISO).
- Wells Fargo (2017)The Incident: A lawyer representing Wells Fargo accidentally released an unencrypted trove of sensitive financial and personal data belonging to tens of thousands of wealthy clients to a opposing attorney during a legal discovery process. Baich’s Role at the Time: He was the CISO of Wells Fargo (serving from 2012 to 2019).
- AT&T (2024)The Incident: AT&T suffered two massive, separate data exposures in 2024 that compromised the data of over 100 million current and former customers, leading to a $177 million class-action settlement.The March 2024 Breach: A database containing older 2019 customer data (including SSNs and account passcodes) leaked onto the dark web.The July 2024 Snowflake Breach: Hackers targeted AT&T’s cloud storage provider (Snowflake) and stole 6 months of call and text metadata belonging to nearly all wireless customers.Baich’s Role at the Time: Senior Vice President and CISO of AT&T (appointed in 2023).