.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
Yahoo Finance: Private equity investors have piled $4.7 billion into European cybersecurity companies so far this year, putting deal value on course to outperform 2022, when the total reached $7.6 billion.
The Target: American retail chain Hot Topic.
The Take: A threat actor obtained the valid account credentials for Hot Topic Rewards accounts from an unknown third party.
The Vector: The series of breaches that occurred between Feb. 7 and June 21 was the result of automated credential stuffing attacks against the company’s website and mobile application.
This breach is a reminder of how authentication controls are an important part of an overall robust cybersecurity posture, and more critically, ensuring these controls are in place on all third-party vendors which have access to a firm’s data.
ZD Net: Some 110.8 million user accounts were breached in the second quarter of 2023, with the US accounting for almost 45% of the global figure. Worldwide, data breaches grew 2.6 times compared to the first quarter, with an average of 855 accounts leaked every minute in the second quarter.
PYMNTS: Bankrupt crypto lender Voyager Digital Holdings has reported a possible breach, revealing the difficulties of protecting customers from online scammers.
The Target: Government services provider Maximus and 513 organizations impacted by the MOVEit hack.
The Take: According to Maximus, the attackers stole files containing personal information and protected health information, including Social Security numbers, “of at least 8 to 11 million individuals”.
The Vector: Disclosed at the end of May, the attack involved the exploitation of a zero-day vulnerability in the MOVEit Transfer managed file transfer (MFT) software, allowing cybercriminals to tap into the data transferred through the service.
A zero-day vulnerability is a vulnerability in a system or device that has been disclosed but is not yet patched. This breach is a reminder of how regular vendor assessments are a key component in cybersecurity. The breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control but in third-party systems the firm relies upon as well.
CNBC: The Securities and Exchange Commission wants corporate America to tell investors more about cybersecurity breaches and what’s being done to fight them. Much more.
BNN Bloomberg: The head of the Canadian Centre for Cyber Security says ransomware attacks are getting more common and sophisticated, but there's a lot the country could do to better defend itself.
Best Stocks: TPG, a leading investment firm, has recently made significant strides in the healthcare IT and cybersecurity sectors. On July 19, 2023, TPG successfully acquired Nextech, a renowned provider of clinical and administrative healthcare technology solutions for specialty physician practices.
Yahoo News: Shares in cyber security firm Darktrace have surged after it said a probe into its finances has closed, and as it reported a jump in customers amid the evolving “ChatGPT era”.
TechCrunch: After years of growth, funding for cybersecurity startups is beginning to slow down, a symptom of the broader economic malaise and — perhaps — market oversaturation.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy