The Vendor You Cannot Name.
Two U.S. banks disclosed a breach at the same unnamed third-party vendor in April 2026. Six class action lawsuits followed in two weeks. The vendor still has not been publicly named — and the disclosure language hides what every customer, plaintiff, and regulator actually needs to know.
The 72-Minute Gap: What the Breaches, the Vendors, and the Messaging Are Actually Telling Us
AI-driven cyberattacks now move from breach to data exfiltration in just 72 minutes. Meanwhile, one CISO has already eliminated the entire SOC team, replacing it with AI-powered automation. In this Lens Four analysis, Sean Martin examines what the latest breach data, vendor moves, and industry messaging are actually telling security leaders — and what it means for cybersecurity programs, budgets, and strategy in 2026.