.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
The Target: Camden, New Jersey-based Cooper Health System
The Take: The potentially affected information included individuals’ names, dates of birth, Social Security numbers, health insurance information, treatment information, medical record numbers and medical history information.
The Vector: During the investigation, Cooper discovered that certain data stored in its systems was potentially acquired without authorization.
This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.
Yahoo Finance: Cybersecurity firm Netskope has hired Morgan Stanley to lead preparations for a U.S. initial public offering that could raise more than $500 million, according to people familiar with the matter.
Cybersecurity Dive: Zscaler said it had agreed to buy Red Canary, a leading provider of managed detection and response technology. Zscaler, a top cloud security vendor, said the agreement will help it disrupt competitors’ legacy security operations.
Business Wire: UK mid-market private equity investment firm Limerston Capital announces the acquisition of CyberCrowd, a UK-based cyber security services specialist.
PYMNTS: The tech sector thrives on rapid innovation, agile partnerships and application programming interface (API)-driven interconnectivity; an ethos that has evolved across other industries.
Investing.com: In a move to enhance its cybersecurity offerings, Check Point Software Technologies Ltd. has announced the acquisition of Veriti Cybersecurity, a company specializing in automated threat exposure and mitigation.
Yahoo Finance: UK fintech is set for another shot of momentum after a series of cyber attacks on top retailers exposed a need for greater security expansion.
Cointelegraph: American banking and financial industry advocacy groups have petitioned the Securities and Exchange Commission to repeal its cybersecurity incident public disclosure requirements.
The Target: The Legal Aid Agency, which is part of the UK’s Ministry of Justice, provides criminal and civil legal aid and advice to people in England and Wales.
The Take: The compromised data includes applicants’ contact details and addresses, dates of birth, national ID numbers, criminal history, and employment status, as well as financial information such as contribution amounts, payments, and debts.
The Vector: An investigation conducted with the aid of the National Crime Agency and National Cyber Security Centre revealed on May 16 that the intrusion was “more extensive than originally understood and that the group behind it had accessed a large amount of information relating to legal aid applicants”.
This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.
PR Newswire: H.I.G. Growth Partners ("H.I.G. Growth"), the dedicated growth capital investment affiliate of H.I.G. Capital ("H.I.G."), a leading global alternative investment firm with $69 billion of capital under management, is pleased to announce its investment in AgileBlue (or the "Company"), an AI-powered Security Operations platform that detects, investigates, and auto-responds to cyber threats across cloud, network, and endpoint environments.
Yahoo Finance: The UK’s software M&A market has hit a record high, with £13.2bn deployed across 420 deals over the past year, marking a 27 per cent year on year rise and revealing the nation’s pivotal role in Europe’s tech investment scene.
Finance Magnates: A wave of phishing scams has hit Hong Kong investors, with attackers impersonating licensed brokers in fraudulent text messages that link to fake websites.
The Guardian: The boss of HSBC’s UK arm has said the bank is “being attacked all the time” by online criminals, with cybersecurity now its biggest expense, costing the lender hundreds of millions of pounds.
CNBC: According to Nikesh Arora, even “naysayers” of AI are now trying to move data to the cloud in order to keep up with competitors. New AI models require the cloud, he said, claiming that businesses will be left behind if they don’t move their company to the platform.
PYMNTS: Thirty percent of data breaches that occurred during the year ended Oct. 31 involved a third party, according to Verizon.
SecurityWeek: The company, which is working on technology to revamp corporate incident response reporting systems, said the new financing included expanded equity positions for SYN Ventures and Overline.
The Target: Crypto giant Coinbase
The Take: The company said the hacker stole customer names, postal and email addresses, phone numbers, and the last four-digits of users’ Social Security numbers. The hacker also took masked bank account numbers and some banking identifiers, as well as customers’ government-issued identity documents, such as driver’s licenses and passports.
The Vector: Coinbase said the hacker “obtained this information by paying multiple contractors or employees working in support roles outside the United States to collect information from internal Coinbase systems to which they had access in order to perform their job responsibilities.”
This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.
CNBC: Cybersecurity firm Proofpoint announced it will acquire European rival Hornetsecurity for $1 billion to strengthen its European presence as it explores a return to public markets.
CIO Dive: Almost half of bank executives surveyed recently by KPMG expect that generative AI will be able to handle between 21% and 40% of their teams’ daily tasks by the end of the year.
Dark Reading: Orca Security announced it has acquired Opus, a Tel Aviv, Israel-based security startup which developed autonomous vulnerability management technology using agentic AI to remediate and prevent malicious activity automatically.
Cybersecurity Dive: A coalition of 52 U.S. organizations urged lawmakers to reauthorize a law that protects cyber threat information that businesses share with the federal government.
CIO Dive: CEOs expect the growth rate of artificial intelligence investments to more than double during the next two years, prompting an increase in AI-related hiring and reskilling initiatives, according to a May 6 report from IBM’s Institute for Business Value.
SecurityWeek: The EU cybersecurity agency ENISA announced the official launch of the European Vulnerability Database, or EUVD. Industry professionals the EUVD can be a useful resource, but the agency needs to ensure it stays relevant.
Cointelegraph: The US government has asked a federal judge to impose a two-year sentence for Eric Council Jr., the individual who helped post a fake message announcing the approval of Bitcoin exchange-traded funds through the Securities and Exchange Commission’s (SEC’s) X account.
The Target: Frederick Health Medical Group, a major healthcare provider in Maryland.
The Take: Depending on the affected individuals, the attackers stole a combination of sensitive personal information, including patient names, addresses, dates of birth, Social Security numbers, and driver's license numbers. They also exfiltrated personal health information, such as medical record numbers, health insurance information, and/or clinical information related to patients' care.
The Vector: The investigation determined that an unauthorized person gained access to the network and, on January 27, 2025, copied certain files from a file share server.
This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.
Cointelegraph: Onchain sleuth and security analyst ZachXBT claims to have identified an additional $45 million in funds stolen from Coinbase users through social engineering scams in the past seven days alone.
TechCrunch: Cybersecurity giant CrowdStrike said that it would lay off 5% of its global workforce, which amounts to about 500 workers.
SecurityWeek: The lawsuit against NSO was filed in 2019, after it came to light that a zero-day vulnerability had been exploited to deliver NSO-made spyware to roughly 1,400 WhatsApp users.
Cybersecurity Dive: Coalition is one of the world’s largest cyber insurers, so its data offers a broad survey of the cyber risk landscape, from the behavior of threat actors to the best strategies for avoiding a digital security crisis.
Yahoo News: The vast majority of UK firms are not at the required level of readiness to be able to withstand modern cyber attacks, a new report has warned.
Crunchbase: Identity management is a hot area for investment of late. That was particularly obvious in the past few weeks, as two startups in the space secured over $300 million and a major eyeball-scanning initiative made its U.S. debut.
Bank Info Security: Cybersecurity attracted $13 billion in investments in 2024, a 40% jump in funding compared to 2023, with nearly half going to early-stage startups.
The Target: Ascension, one of the largest private healthcare systems in the United States.
The Take: Depending on the impacted patient, the attackers gained access to a combination of personal information, including name, address, phone number(s), email address, date of birth, race, gender, and Social Security numbers (SSNs).
The Vector: The timeline of the breach implies the attack was part of a series of Clop ransomware data theft attacks that exploited a zero-day flaw in Cleo secure file transfer software.
This breach is critical reminder that zero-day exploits do happen, and furthermore that patching software in a timely, effective manner is a key component of ensuring customer data is protected. Ensuring third-party vendors are deploying patches and fixes in accordance with a firm’s cybersecurity policy is an important step in an overall robust security posture.
Cybersecurity Dive: Zero-day vulnerability exploitation represents one of several important metrics for assessing the software industry’s progress on baking security into its development practices.
Forbes: AI has evolved from a futuristic novelty into a workhorse with outsized returns on investment for modern businesses. Companies are already using it to power chatbots, analyze massive datasets and streamline critical operations.
SecurityWeek: According to SecurityWeek’s analysis, more than 30 cybersecurity firms collectively raised more than $1.7 billion in funding in the month of April, underscoring the sector’s robust growth and investor confidence in cyber defense technologies.
Dark Reading: In a sign of how pervasive data sharing has become, businesses may face challenges complying with a new government rule restricting data use outside the US.
Cyberscoop: Cybersecurity companies don’t just defend their customers against cyberattacks — they also have to defend themselves, and a SentinelOne report examines some of the biggest threats they’re facing.
SecurityWeek: The new financing includes equity stakes for existing backers Accel and GV (Google’s venture fund), True Ventures, Norwest, Ballistic Ventures, J.P. Morgan, and Blackstone Innovations Investments.
Bleeping Computer: Coinbase has fixed a confusing bug in its account activity logs that caused users to think their credentials were compromised.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy