.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
The Target: Farmers Insurance is a U.S.-based insurer that provides auto, home, life, and business insurance products. It operates through a network of agents and subsidiaries, serving more than 10 million households nationwide.
The Take: The company says that its investigation determined that customers' names, addresses, dates of birth, driver's license numbers, and/or last four digits of Social Security numbers were stolen during the breach.
The Vector: On May 30, 2025, one of Farmers' third-party vendors alerted Farmers to suspicious activity involving an unauthorized actor accessing one of the vendor's databases containing Farmers customer information.
This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.
TechDay: A new report has found that almost three-quarters of organisations globally have already incorporated artificial intelligence (AI) into their cybersecurity defences.
CFO Dive: The escalating risks underscore the need for increased coordination between cybersecurity and finance teams, according to the study.
PYMNTS: When the British retailer Marks & Spencer (M&S) disclosed last year that a supplier breach had unleashed a ransomware attack, it was the kind of nightmare scenario every corporate board dreads.
Yahoo News/Reuters: Anthropic said it had detected and blocked hackers attempting to misuse its Claude AI system to write phishing emails, create malicious code and circumvent safety filters.
Yahoo Finance/Reuters: Cybersecurity company Okta raised annual revenue and profit forecasts, betting on growing demand for its identity verification tools as enterprises strengthen defenses against artificial intelligence-powered attacks.
Cybersecurity Dive: Chief information security officers are increasingly concerned about the risk of a cyberattack, and a growing number say they have experienced a material loss of data over the past year, according to a report released by Proofpoint.
TechRadar: A function that was once buried deep within IT departments, cyber security is now firmly making its way up the boardroom agenda. 72% of UK businesses now classify cyber security as a high priority, with that extending to 96% of large businesses.
The Target: Workday, the cloud-based software company providing human resources systems
The Take: The threat actor was able to obtain what Workday described as “commonly available business contact information, like names, email addresses, and phone numbers,” which it speculated could be exploited “potentially to further their social engineering scams.”
The Vector: In its statement, the company said it “recently identified that Workday had been targeted and threat actors were able to access some information from our third-party CRM platform,” although it did not identify which platform it uses.
This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.
Cyber Daily: Following Prime Minister Anthony Albanese’s move to recognise the Palestinian state, and Israel’s response, hacktivists groups have already begun to make their mark on government agencies and education institutions.
Private Equity Insights: Insight Partners, which acquired Armis in 2020, is expected to generate $2bn–$3bn from the deal, according to Globes. Other key investors include Georgian, G Squared, One Equity Partners, CapitalG, Brookfield, General Catalyst, and Alkeon Capital.
The Record: An Indiana-based drug research company said a recent ransomware attack has disrupted its business operations and forced a shutdown of critical systems.
Dark Reading: The Allianz Life data breach, which the company confirmed in July, led to hackers allegedly stealing the personal data of around 1.1 million customers. The insurance giant has 1.4 million customers, and its parent company, Allianz, has more than 125 million.
Cybersecurity Dive: Enterprises rushed into AI deployment plans while the hype haze was thick. Now that the risks are clearer, business leaders are looking for ways to remediate.
MSN/Canadian Press: The Canadian Investment Regulatory Organization says it shut down some of its systems as a precaution after identifying a cybersecurity threat on Aug. 11. It says a preliminary investigation indicates that some personal information of member firms and their registered employees was affected.
CSO Online: CISOs have a one in four chance of their job surviving a successful ransomware attack, according to a recent Sophos report. The report’s findings are a wakeup call for CISOs regardless of whether they are found at fault or have any meaningful authority to block such attacks, industry experts say.
The Target: Connex, one of Connecticut's largest credit unions.
The Take: The non-profit has yet to find evidence that the attackers gained access to the affected members' funds or accounts, but has discovered that they stole a combination of personal and financial data, including names, account numbers, debit card information, Social Security numbers, and government IDs.
The Vector: The investigation revealed that certain files may have been accessed or downloaded without authorization between June 2 and 3, 2025.
This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.
Private Equity Wire: Francisco Partners is exploring the sale of BeyondTrust Software, the privileged access management (PAM) specialist it has backed since 2018, in a potential multi-billion dollar transaction, according to a report by Bloomberg citing unnamed people familiar with the matter.
Bleeping Computer: Hackers have released stolen data belonging to US insurance giant Allianz Life, exposing 2.8 million records with sensitive information on business partners and customers in ongoing Salesforce data theft attacks.
Financial Newswire: The Australian Prudential Regulation Authority (APRA) has made clear to the superannuation sector that it needs to develop the ability to deliver a coordinated industry response in the face of a cyber incident affecting multiple stakeholders.
Dark Reading: US law enforcement once again demonstrated its commitment to going on the offense against cybercrime with an operation against the BlackSuit ransomware gang that resulted in the takedown of four servers and nine domains, as well as the seizure of just over $1 million in cryptocurrency.
Funds Europe: UK pensions manager Railpen has partnered with sustainability consultancy Chronos Sustainability for a report on “how AI systems are classified and the risks they could pose to portfolio companies without an effective and efficient system of governance.”
Cyber Daily: The hackers claim to have stolen 85 gigabytes of data, according to the group’s 7 August leak post, though they have said little else about the incident. The group has not shared any details of its ransom demand, nor the deadline for payment.
CNBC: The rise of generative AI and large language models has drastically shifted the cybersecurity landscape, empowering attackers with easy-to-use tools that can create realistic video and voice deepfakes, personalized phishing campaigns, and malware and malicious code.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy