.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
The Target: Frederick Health Medical Group, a major healthcare provider in Maryland.
The Take: Depending on the affected individuals, the attackers stole a combination of sensitive personal information, including patient names, addresses, dates of birth, Social Security numbers, and driver's license numbers. They also exfiltrated personal health information, such as medical record numbers, health insurance information, and/or clinical information related to patients' care.
The Vector: The investigation determined that an unauthorized person gained access to the network and, on January 27, 2025, copied certain files from a file share server.
This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.
Cointelegraph: Onchain sleuth and security analyst ZachXBT claims to have identified an additional $45 million in funds stolen from Coinbase users through social engineering scams in the past seven days alone.
TechCrunch: Cybersecurity giant CrowdStrike said that it would lay off 5% of its global workforce, which amounts to about 500 workers.
SecurityWeek: The lawsuit against NSO was filed in 2019, after it came to light that a zero-day vulnerability had been exploited to deliver NSO-made spyware to roughly 1,400 WhatsApp users.
Cybersecurity Dive: Coalition is one of the world’s largest cyber insurers, so its data offers a broad survey of the cyber risk landscape, from the behavior of threat actors to the best strategies for avoiding a digital security crisis.
Yahoo News: The vast majority of UK firms are not at the required level of readiness to be able to withstand modern cyber attacks, a new report has warned.
Crunchbase: Identity management is a hot area for investment of late. That was particularly obvious in the past few weeks, as two startups in the space secured over $300 million and a major eyeball-scanning initiative made its U.S. debut.
Bank Info Security: Cybersecurity attracted $13 billion in investments in 2024, a 40% jump in funding compared to 2023, with nearly half going to early-stage startups.
The Target: Ascension, one of the largest private healthcare systems in the United States.
The Take: Depending on the impacted patient, the attackers gained access to a combination of personal information, including name, address, phone number(s), email address, date of birth, race, gender, and Social Security numbers (SSNs).
The Vector: The timeline of the breach implies the attack was part of a series of Clop ransomware data theft attacks that exploited a zero-day flaw in Cleo secure file transfer software.
This breach is critical reminder that zero-day exploits do happen, and furthermore that patching software in a timely, effective manner is a key component of ensuring customer data is protected. Ensuring third-party vendors are deploying patches and fixes in accordance with a firm’s cybersecurity policy is an important step in an overall robust security posture.
Cybersecurity Dive: Zero-day vulnerability exploitation represents one of several important metrics for assessing the software industry’s progress on baking security into its development practices.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy