Information of patients, other healthcare providers and physicians exposed @ Greater Rochester Independent Practice Association and Progress Software Corporation

The Greater Rochester Independent Practice Association, commonly referred to as GRIPA, has reached a settlement agreement totaling two million one hundred and fifty thousand dollars to resolve a class action lawsuit following a major data breach. The ...

Personnel system breached at facility instrumental in US nuclear energy research @ Idaho National Laboratory

In November 2023, Idaho National Laboratory (INL), a prominent U.S. Department of Energy research facility specializing in nuclear energy and cybersecurity, experienced a significant data breach. The breach affected the laboratory's Oracle Human Capit...

357,000 patients' protected health information compromised @ Onsite Mammography

In April 2025, Onsite Mammography, a Massachusetts-based medical imaging provider, announced a data breach affecting 357,265 individuals. The breach stemmed from unauthorized access to an employee's email account, which was discovered in October 2024....

34,000 individuals impacted by data breach @ Henderson & Walton Women’s Center

A data breach impacting over 34,000 individuals occurred at Alabama Women’s Health Center (HWWC) due to a hacked employee email account. Although internal emails were encrypted, the hackers' access to the account necessitated an investigation into pot...

Town lost more than $545,000 in cyber scam @ Town of Surfside Beach

The town of Surfside Beach, South Carolina, fell victim to a cyber scam in March 2026, resulting in a loss of over $545,000. The incident involved a fraudulent payment intended for Wildcat Contractors, Inc., a North Carolina construction firm. Town of...

Data security incident involved protected information of some health system's patients @ Presbyterian Healthcare Services and Thompson Coburn

In May 2024, Thompson Coburn LLP, a law firm representing Presbyterian Healthcare Services, discovered suspicious activity on its network. A subsequent investigation revealed that an unauthorized actor had accessed and potentially exfiltrated files c...

Files stored within email accounts accessed by unauthorised party @ Mount Kisco Surgery Center

In May 2026, the Mount Kisco Surgery Center in New York settled a class-action lawsuit for $527,500 related to a data breach that occurred in November 2023. The surgery center detected unusual activity within an employee's email account, indicating th...

Union members’ sensitive healthcare information exposed @ Screen Actors Guild-American Federation of Television and Radio Artists

In September 2024, SAG-AFTRA Health Plan, a health insurance provider for media professionals, experienced a data breach due to a phishing attack. An unauthorized party gained access to an employee's email account, exposing the personal information of...

Cyber attack on customer-facing infrastructure for state services like food stamps and Medicaid @ Deloitte and The State of Rhode Island

In December 2024, Rhode Island experienced a significant cybersecurity breach impacting its RIBridges system, an online platform managing the state's social and health benefits. The attack, attributed to the Brain Cipher ransomware group, resulted in ...

Cybersecurity incident involved unauthorised access to sensitive personal and protected health information @ MCBS, LLC

MCBS, LLC, a regional healthcare management and revenue cycle company based in Augusta, Georgia, recently disclosed a significant cybersecurity incident involving unauthorized access to its internal network. The company, which operates under the name ...

Lead by example in cyber

Premier risk-driven analysis

All our analysis is overseen some of the leading members of the risk community and includes lessons learnt, controls environment and root cause analysis. Learn more...

High-quality structured cyber dataset

Key attributes of each case - such as threat actor, costs incurred, failed controls etc. - are captured through the Global Cyber Event Taxonomy Learn more...

Consulting & training services

Our case studies have provided us with unique insights into the challenges faced and strategies implemented by organisations countering cyber security threats. Learn more...