Major cyber attack that has left millions of customers' details exposed @ Currys PC World and 3 more...

In June 2018, the company disclosed a significant data breach initially as impacting 5.9 million payment cards and 1.2 million personal data records. The breach involved unauthorised access to customer data, including names, addresses, email addresses...

1.8 million individuals affected by ransomware attack @ Summit Pathology Laboratories, Inc.

In April 2024, Summit Pathology Laboratories Inc., a Colorado-based pathology service provider, experienced a significant cybersecurity breach impacting approximately 1,813,538 patients. The breach, attributed to the Medusa ransomware group, occurred ...

Unauthorised access to consumers’ sensitive information @ SelectBlinds

In January 2024, SelectBlinds, an online retailer specializing in window coverings and a subsidiary of Hunter Douglas, experienced a significant cybersecurity breach. The breach, discovered on September 28, 2024, involved unauthorized access to sensit...

Unauthorised party accessed consumers’ sensitive information including names and Social Security numbers @ Form I-9 and I-9 Compliance

Form I-9 Compliance, a California-based business services company, experienced a data breach that exposed the personal information of numerous individuals. The breach occurred due to unauthorized access to the company's computer network, which spanned...

264,000 patients' SSNs and PHI breached @ HealthAlliance, Inc.

In December 2023, HealthAlliance, Inc., a health insurance company, discovered a data breach within its IT network. An unauthorized party accessed and potentially acquired sensitive consumer information between August 18, 2023, and October 13, 2023. T...

Staff asked not to connect to internal networks after cyber attack @ Halliburton Company

In August 2024, the major US oilfield services company experienced a significant cyberattack, which was later reported to have been conducted by the Ransomhub group. The attack forced the company to take their systems offline to contain the breach...

Data breach after unauthorised party accessed sensitive consumer data @ Elemetal, LLC

In March 2024, the law firm Federman & Sherwood initiated an investigation into a data breach at Elemetal, LLC. Elemetal, a company that handles sensitive consumer data, discovered unauthorized access to their servers on August 22, 2023. The breach ...

Unauthorised party interfered with use of specific servers @ Microchip Technology Incorporated

In August 2024, the US-based semiconductor manufacturer experienced a significant cybersecurity breach after detecting suspicious activity within its IT systems. Further investigation revealed that an unauthorized party had disrupted access to certain...

Ransomware attack resulted in IT outages @ Scranton School District

In March 2024, the school district experienced a ransomware attack that significantly disrupted its IT systems and daily operations. The attack forced the district to delay classes by two hours and prompted a digital shutdown, with staff instructed to...

Unauthorised access to information systems and patient data exfiltrated @ Cencora Inc.

In February 2024, the company experienced a significant cybersecurity breach. Initially, the company publicly acknowledged the attack and confirmed data had been stolen, including sensitive personal information of its customers. By May 2024, the d...

Lead by example in cyber

Premier risk-driven analysis

All our analysis is overseen some of the leading members of the risk community and includes lessons learnt, controls environment and root cause analysis. Learn more...

High-quality structured cyber dataset

Key attributes of each case - such as threat actor, costs incurred, failed controls etc. - are captured through the Global Cyber Event Taxonomy Learn more...

Consulting & training services

Our case studies have provided us with unique insights into the challenges faced and strategies implemented by organisations countering cyber security threats. Learn more...