Clorox is suing its service desk vendor following a $380 million cyberattack in 2023. The lawsuit alleges the vendor's lax security practices, specifically the disclosure of employee passwords, directly enabled the breach. Clorox claims the attack was easily preventable and attributes the significant financial losses to the vendor's negligence. The company is seeking damages to recoup the costs associated with the incident, including remediation, lost sales, and reputational harm. The case highlights the critical importance of robust cybersecurity protocols within supply chains and the potential liability of third-party vendors in data breaches.