My Voice Is My Password.... Oh Never Mind

Okay, so as a 'typical geek' I will typically reinstall or reimage my machine about every six months. One of the software programs that I really enjoy working with is Nuances Dragon. As I started the installation today I got to the section where the installation asks if I want to install updates at the same time. Then I got a peculiar interface that popped up that said that my download failed, because I wasn't connected to the Internet or the "Flexnet" servers were not available.

I didn't think is was me as I knew it was connected to the Internet. :-) So I went to Nuances website, and in a very small banner I see the announcement that "certain systems within our network were affected by a global malware incident".

I was in shock and genuinely surprised because I know that several companies worldwide have been hit by the recent malware NotPetya. I just would've never guessed that a high technology company like Nuance would fall victim because of lack of policies and procedures. Their website then directed me to go to their twitter account for any updates. I was even more shocked to see that their last update was from five days ago.

As I scroll through some of the comments left by their customers things got even worse, not for me per se but I forgot that Nuance has other divisions and in particular the division is dedicated to helping the medical industry.

Apparently some other services that they provide rely on cloud-based technology which obviously is going to be a problem if you're not able to provide that service to thousands of users. Again remember this is the medical industry, not just little old Dale who is trying to install a voice to text product but these are doctors, doctors assistance, nurses and medical transcribers that are no longer able to do their job and record important patient history.

What's even more shocking is when companies don't communicate what they are doing to fix the issues.
This really should be done at least 2-3 daily and as is the case with Nuance....5 days...really? When people's livelihood depends on software, that software company needs to make sure they've implemented policies and procedures that protects them from outbreaks of malware such as NotPetya.

I mean come on, didn't we learn from WannaCry that by simply patching operating systems, applications or disabling older communication channels (SMB1) and keeping your antivirus products up to date, I don't understand why were still having this problem?

I continue with my installation and did get a series of errors including my favorite...the fact that I can't register my product now!
Which means I get a 5 whopping launches of the program before I'm out of luck. As I went through the installation I noticed that the phrase "certain systems within our network..." Is an understatement. Not only was I not be able to update, activate my software via the app, but even the Web server for https://register.nuance.com has apparently been hit as well.

As a fan of their product I hope that they can weather this situation, its surprising how many companies wouldn't or couldn't survive this type of outage. Especially when they aren't communicating their status to their customers, which it my opinion is just plain unacceptable.

Which brings me to another thought... at what point will we see companies being held responsible (lawfully and legally) for the lack of securing their information in a more importantly our information and our personal data?

I do feel for the IT department at Nuance, as I'm sure they have been and will be working non-stop over this holiday weekend trying to restore services their medical customers (and us lowly end users). But to be brutally honest here...it IS their fault for not staying on top of patching, upgrading and the training of their users...Well here's to hoping I don't have to reboot my laptop or close my DragonBar 4 more times.

UPDATE 7/3/17 4:00pm: Nuance has finally posted a webpage to keep folks updated. https://www.nuance.com/healthcare/customer-update.html, but their registration capabilities via the app and their https://register.nuance.com page are still down.