.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
The Target: A not-for-profit financial organization, Fairmont Federal Credit Union offers services such as business and home mortgage loans, financial first aid, and personal checking. It operates nine regional branches in West Virginia.
The Take: The hackers stole files containing names, dates of birth, Social Security numbers, driver’s license numbers, government ID numbers, financial information, medical and health insurance information, and other personal data. More alarming is that the stolen information contains full credit card/debit card details, including card numbers, security codes/PIN numbers, and expiration dates. IRS PIN numbers, tax ID numbers, routing numbers, and full access credentials were also compromised in the data breach.
The Vector: The organization discovered the cybersecurity incident on January 23, 2024 and launched a prompt and thorough forensic investigation, concluding on August 17, 2025, that files stolen from its network contained personal information.
This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.
Cyber Daily: Speaking to Cyber Daily’s sister brand, InvestorDaily, investment strategist at Betashares, Hugh Lam, said demand for security solutions has accelerated as geopolitical tensions and AI advancements reshape the risk landscape.
TechCrunch: Venture capital firm Insight Partners has notified thousands of people, including the firm’s limited partners, that their personal information was stolen by hackers in an earlier data breach.
Yahoo News: Cybersecurity firm Netskope is now aiming for a valuation of up to $7.26 billion in its U.S. initial public offering after raising the proposed price range, it said, underscoring investor appetite for high-growth tech stocks.
PR Newswire: According to a new comprehensive report from The Insight Partners, the global cybersecurity market is observing significant growth owing to the rise in cyber threats and attacks, stringent government regulations and compliance, and a surge in need to protect business assets.
Cybersecurity Dive: An audit that castigated the Cybersecurity and Infrastructure Security Agency’s cybersecurity pay incentives is worrying CISA staffers who say the report lacks context and could give the Trump administration an excuse to end a vital retention program.
Investing.com: CrowdStrike, the cybersecurity powerhouse whose stock has surged 68% over the past year and maintains a strong "Buy" rating from 38 analysts, partnered with Meta to introduce a new suite of benchmarks called CyberSOCEval to evaluate how artificial intelligence systems perform in real-world security operations.
Bank Info Security: Financial institutions are facing a new wave of cyberthreats as attackers weaponize artificial intelligence to exploit insider vulnerabilities. Richard Cassidy, field CISO at Rubrik, said financial organizations risk severe consequences if they continue relying on outdated approaches to incident response.
The Target: Workiva, a leading cloud-based SaaS (Software as a Service) provider.
The Take: The threat actors exfiltrated a limited set of business contact information, including names, email addresses, phone numbers, and support ticket content.
The Vector: Workiva notified its customers that attackers who gained access to a third-party customer relationship management (CRM) system stole some of their data.
This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.
Forbes: For years, cybersecurity focused on perimeter defenses. Today, with hybrid work and the cloud being ubiquitous, the greatest threat isn't code; rather, it's the person holding the device.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy