.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
The Target: Japanese e-commerce and logistics company Askul, which specializes in B2B sales of office and professional supplies.
The Take: Roughly 590,000 customer records related to business services and 132,000 records related to consumer services have been compromised. In addition, the hackers stole thousands of records related to business partners, employees, and Askul executives.
The Vector: The company’s investigation showed that the cybercriminals gained access to its network using compromised credentials. After obtaining initial access to Askul systems, the attackers conducted reconnaissance, harvested credentials, moved laterally, and disabled security systems.
This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.
EU Startups: Exein, a Rome-based innovator in embedded cybersecurity for connected devices, today announced €100 million in new funding in order to accelerate product development and international expansion – bringing its total raised in 2025 to €170 million.
Tech in Asia: Blackstone is leading a US$400 million investment in Cyera, valuing the Israeli data-security startup at US$9 billion, according to a Wall Street Journal report citing unnamed sources.
CSO Online: A US Securities and Exchange Commission committee has recommended a new rule that would mandate companies to analyze and report all AI efforts — including decisions to not use AI for some purposes.
PR Newswire: Adaptive Security announced it has raised an $81 million Series B funding round led by Bain Capital Ventures, with participation from NVentures (NVIDIA's venture capital arm), OpenAI Startup Fund, Andreessen Horowitz (a16z), Abstract Ventures, Capital One Ventures, and Citi Ventures.
Yahoo Finance: In addition to topping the overall list of risk factors, cybersecurity was also the top concern across organizations of all sizes, the top concern of executives in most roles and the top concern for organizations in almost every geographic region.
SecurityWeek: 700Credit is the largest provider of credit checks, identity verification, fraud detection, and compliance services for automotive, marine, power sports, and RV dealers in North America. It serves roughly 18,000 dealerships.
CNBC: The deal, which could reach $7 billion in value, would be ServiceNow’s largest acquisition, the outlet said, citing people familiar with the situation who asked not to be identified because the talks are private.
The Target: Inotiv is an Indiana-based contract research organization specializing in drug development, discovery, and safety assessment, as well as live-animal research modeling.
The Take: The compromised information, it told the Texas AGO, includes names, addresses, Social Security numbers, driver’s license numbers, ID numbers, credit or debit card numbers, medical and health insurance information, and dates of birth.
The Vector: When it disclosed the incident, Inotiv said that the attack had disrupted business operations after some of its networks and systems (including databases and internal applications) were taken down.
This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.
CSO Online: In recent years, artificial intelligence (AI) has been spreading its tentacles across the global technological landscape, as evidenced by the increase in autonomous and automated technologies and their deployment across industries and sectors.
Yahoo News/Reuters: OpenAI warned that its upcoming artificial intelligence models could pose a "high" cybersecurity risk, as their capabilities advance rapidly. The AI models might either develop working zero-day remote exploits against well-defended systems or assist with complex enterprise or industrial intrusion operations aimed at real-world effects, the ChatGPT maker said in a blog post.
CFO Dive: HP announced late last month that it expects to reduce its global headcount by between 4,000 and 6,000 employees by the end of fiscal year 2028 as part of an effort to drive “customer satisfaction, product innovation, and productivity through artificial intelligence adoption and enablement.”
Investment News: FINRA has placed generative AI and cyber-enabled fraud high on its 2026 regulatory agenda, warning broker-dealers and RIAs that emerging technology and long‑standing compliance gaps are converging into higher risk for investors.
Business Wire: In a global cyber environment marked by major security lapses, cyberattacks, and technology outages, new research released by Marsh, the world’s leading insurance broker and risk advisor and a business of Marsh McLennan, reveals that organizations around the world are more confident in how they approach cyber risk management and are planning to invest even more in cybersecurity defenses in 2026.
The Record: The Treasury Department’s Financial Crimes Enforcement Network (FinCEN) released a study last week covering 4,194 ransomware incidents that were reported through the Bank Secrecy Act over the three-year period.
SecurityWeek: Founded in 2019, California-based Resemble AI has built an AI detection platform that helps organizations identify AI-generated deepfakes and prevent fraud and other types of attacks.
The Target: Japanese beer giant Asahi.
The Take: According to the company, 1,525,000 people who contacted its customer services had their names, addresses, phone numbers, and email addresses stolen. The hackers also exfiltrated the names, addresses, and phone numbers of 114,000 people Asahi had sent congratulatory or condolence messages to.
The Vector: The company explained that the threat actors hacked network equipment and used it to compromise its data center network. “Ransomware was deployed simultaneously, encrypting data on multiple active servers and some PC devices connected to the network,” the company said.
This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.
Yahoo News/Reuters: Blackstone's Chief Technology Officer is increasingly concerned about data leaks and which platforms can help manage safety, he told the Reuters NEXT conference in New York.
Forbes: After more than 20 years in cybersecurity, I’ve learned to be skeptical. I’ve seen countless vendors promise to “revolutionize security,” only to deliver another dashboard we barely have time to check.
SecurityWeek: The Information last week reported that ServiceNow had been in advanced talks to buy Veza for more than $1 billion. Contacted by SecurityWeek, ServiceNow representatives said they are unable to disclose the terms of the contract.
Business Wire: Experian® released its 2026 Data Breach Industry Forecast, offering a look at the evolving cyber threat landscape. The predictions address how the coming year could usher in a new wave of sophisticated attacks driven by artificial intelligence along with other threats and vulnerabilities including quantum computing.
Pitchbook: Cybersecurity has emerged as one of the few VC verticals in Europe to experience an increase in dealmaking this year, as demand driven by AI and the defense sector fuels investor enthusiasm.
Dark Reading: Though many people believe cryptocurrency is untraceable, that, generally speaking, is far from the truth. When cybercriminals obtain cryptocurrency in, say, a ransomware attack, a key step in the process is mixing, or laundering, the crypto.
The Korea Times: The level of investment in cybersecurity by Korean companies is far below that of other major countries, the head of the country's financial watchdog warned, amid a string of recent hacking incidents at major firms, including SK Telecom, Lotte Card, Coupang and Upbit.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy