Same server attacked multiple systems across the nation @ Great Plains Health

In November, Great Plains Health experienced a cyberattack that impacted multiple systems within the organization. The attack disrupted access to archived information, which is not frequently used. Critical patient systems were restored within two we...

Cyber attack forced some critical services offline @ One Brooklyn Health

In November 2022, One Brooklyn Health (OBH), a network of three hospitals in Brooklyn, New York, experienced a cybersecurity attack that significantly impacted their operations. The attack disabled critical systems, including electronic medical record...

No breach of its system despite customer concerns emerging online then data breach formally disclosed @ The Standard Bank of South Africa Limited

In July 2024, numerous Standard Bank customers turned to social media to voice concerns about potential fraudulent activity on their accounts. Customers reported difficulties accessing the bank's mobile app and enduring excessively long wait times wh...

Personal information obtained in data breach @ Zydus Pharmaceuticals (USA) Inc.

Zydus Pharmaceuticals (USA) Inc., the U.S. generic drug branch of Zydus Lifesciences, experienced unauthorized activity on its computer network on or around July 28, 2024. Following an investigation, Zydus determined that a data breach may have compro...

Major cyber attack that has left millions of customers' details exposed @ Currys PC World and 3 more...

In June 2018, the company disclosed a significant data breach initially as impacting 5.9 million payment cards and 1.2 million personal data records. The breach involved unauthorised access to customer data, including names, addresses, email addresses...

Employee data stolen in MOVEit breach @ Amazon.com, Inc.

In November 2024, Amazon disclosed a data breach that exposed the personal information of its employees. The breach stemmed from a security vulnerability in the MOVEit Transfer software used by one of Amazon's third-party property management vendors. ...

1.8 million individuals affected by ransomware attack @ Summit Pathology Laboratories, Inc.

In April 2024, Summit Pathology Laboratories Inc., a Colorado-based pathology service provider, experienced a significant cybersecurity breach impacting approximately 1,813,538 patients. The breach, attributed to the Medusa ransomware group, occurred ...

Unauthorised access to consumers’ sensitive information @ SelectBlinds

In January 2024, SelectBlinds, an online retailer specializing in window coverings and a subsidiary of Hunter Douglas, experienced a significant cybersecurity breach. The breach, discovered on September 28, 2024, involved unauthorized access to sensit...

Unauthorised party accessed consumers’ sensitive information including names and Social Security numbers @ Form I-9 and I-9 Compliance

Form I-9 Compliance, a California-based business services company, experienced a data breach that exposed the personal information of numerous individuals. The breach occurred due to unauthorized access to the company's computer network, which spanned...

Data breach exposed 56,904,909 customers' accounts @ Hot Topic

A data breach potentially impacting millions of Hot Topic, Box Lunch, and Torrid customers was first reported in October 2024. A threat actor, using the alias "Satanic," claimed responsibility for the breach on a dark web forum, initially offering to ...

Lead by example in cyber

Premier risk-driven analysis

All our analysis is overseen some of the leading members of the risk community and includes lessons learnt, controls environment and root cause analysis. Learn more...

High-quality structured cyber dataset

Key attributes of each case - such as threat actor, costs incurred, failed controls etc. - are captured through the Global Cyber Event Taxonomy Learn more...

Consulting & training services

Our case studies have provided us with unique insights into the challenges faced and strategies implemented by organisations countering cyber security threats. Learn more...