.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
The Target: Inotiv is an Indiana-based contract research organization specializing in drug development, discovery, and safety assessment, as well as live-animal research modeling.
The Take: The compromised information, it told the Texas AGO, includes names, addresses, Social Security numbers, driver’s license numbers, ID numbers, credit or debit card numbers, medical and health insurance information, and dates of birth.
The Vector: When it disclosed the incident, Inotiv said that the attack had disrupted business operations after some of its networks and systems (including databases and internal applications) were taken down.
This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.
The Target: Japanese beer giant Asahi.
The Take: According to the company, 1,525,000 people who contacted its customer services had their names, addresses, phone numbers, and email addresses stolen. The hackers also exfiltrated the names, addresses, and phone numbers of 114,000 people Asahi had sent congratulatory or condolence messages to.
The Vector: The company explained that the threat actors hacked network equipment and used it to compromise its data center network. “Ransomware was deployed simultaneously, encrypting data on multiple active servers and some PC devices connected to the network,” the company said.
This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.
The Target: Comcast is an American mass media, telecommunications, and entertainment multinational company, and the fourth-largest telecom firm in the world by revenue, after AT&T, Verizon, and China Mobile.
The Take: The threat actors stole personal and financial information between February 14 and February 26, including the names, addresses, Social Security numbers, dates of birth, and Comcast account numbers of affected current and former customers.
The Vector: The breach occurred in February 2024, when attackers hacked into the systems of Financial Business and Consumer Solutions (FBCS), a debt collector Comcast had stopped using two years earlier.
This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.
The Target: Checkout operates checkout.com and is a global payment processing firm that provides a unified payments API, hosted payment portals, mobile SDK, and plugins to use on existing platforms.
The Take: Checkout says the threat actor, known as ShinyHunters, gained access to a third-party legacy system that had not been properly decommissioned, which held merchant data from 2020 and earlier, including internal operational documents and onboarding materials
The Vector: Upon investigation, Checkout determined that this data was obtained by the threat actor gaining unauthorized access to a legacy third-party cloud file storage system, used in 2020 and prior years.
This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.
The Target: GlobalLogic, a provider of digital engineering services part of the Hitachi group.
The Take: The data stolen in the breach includes personal information collected by GlobalLogic's human resources and, depending on the affected individual, it includes name, address, phone number, and emergency contact (name and phone number). The attackers also exfiltrated the email addresses, dates of birth, nationalities, countries of birth, passport information, national identifiers or tax identifiers (e.g., Social Security Numbers), salary information, and bank account details of impacted employees.
The Vector: In a breach notification letter filed with the office of Maine's Attorney General, the company states that the attackers exploited an Oracle EBS zero-day vulnerability to steal personal information belonging to 10,471 employees.
This breach is critical reminder that zero-day exploits do happen, and furthermore that patching software in a timely, effective manner is a key component of ensuring customer data is protected. Ensuring third-party vendors are deploying patches and fixes in accordance with a firm’s cybersecurity policy is an important step in an overall robust security posture.
The Target: Capita is a major UK-based outsourcing and professional services company that provides consulting, digital, and software services to local councils, the NHS, the Ministry of Defense, and organizations in the banking, utilities, and telecommunications sectors.
The Take: Hackers had accessed 4% of Capita’s internal IT infrastructure, and exfiltrated private files hosted on the breached systems.
The Vector: The company announced that it had been targeted by hackers who attempted access to its internal Microsoft 365 environment, forcing some systems offline as part of its response.
This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.
The Target: Conduent is an American business process outsourcing (BPO) company that provides digital platforms and services for governments and enterprises.
The Take: The data breach notifications state that people's name, Social Security Numbers, full date of birth, health insurance policy or ID number, or medical information was exposed.
The Vector: An investigation into the scope of the data breach has now determined that the attack impacted millions of people. Furthermore, although the breach was discovered in January 2025, the environment had been compromised much earlier, on October 21, 2024.
This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.
The Target: Sotheby’s is a leading global auction house for fine art and high-value items, as well as an asset-backed lending services provider.
The Take: According to a filing the organization submitted to Maine’s AG office, the data exposed in the incident includes full names, Social Security numbers (SSNs), and financial account information.
The Vector: “On July 24, 2025, Sotheby’s became aware that certain Sotheby’s data appeared to have been removed from our environment by an unknown actor,” reads the letter sent to impacted individuals.
This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.
The Target: Video game chat platform Discord.
The Take: The data compromised may have included usernames, email, billing information, the last four digits of credit card numbers, IP addresses and messages with customer support.
The Vector: The company stated that an unauthorised party had compromised one of Discord’s third-party customer service providers, leading to the access of “a limited number of users” who had been in contact with the customer service or trust and safety teams.
This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.
The Target: Boyd Gaming is a public US casino entertainment company with 28 gaming properties in ten states.
The Take: The threat actors were able to steal data from the company's systems, which includes information about employees and individuals.
The Vector: In a new 8-K form filed with the US Securities and Exchange Commission (SEC), the company said it experienced a cybersecurity “incident” in which unauthorized third parties accessed its IT system.
This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy