One of thousands of companies impacted by LiteLLM supply chain attack @ Mercor

In April 2026, Mercor, an AI recruiting startup valued at $10 billion, confirmed it was impacted by a supply chain cyberattack stemming from a compromise of the open-source LiteLLM project. This confirmation followed claims by the Lapsus$ extortion gr...

Former employee downloaded reports that contained US customers' information @ Block and 4 more...

In April 2022, it was reported that more than 8 million customers had their personal data compromised after a former employee downloaded internal reports without permission. The exposed information included customers’ full names and brokerage accou...

Unauthorised access to sensitive personal information @ Blank Rome LLP

Blank Rome LLP, a prominent global law firm operating sixteen offices with a workforce of over eight hundred attorneys, has recently become the subject of a cybersecurity investigation following a significant data breach. This incident involved unauth...

Unauthorised actor acquired certain files and data stored within systems @ Aspire Health Alliance

Aspire Health Alliance, a behavioral health services provider based in Braintree, Massachusetts, recently announced a data security incident that may have compromised personal and protected health information of certain individuals who used their serv...

Information of patients, other healthcare providers and physicians exposed @ Greater Rochester Independent Practice Association and Progress Software Corporation

The Greater Rochester Independent Practice Association, commonly referred to as GRIPA, has reached a settlement agreement totaling two million one hundred and fifty thousand dollars to resolve a class action lawsuit following a major data breach. The ...

Personnel system breached at facility instrumental in US nuclear energy research @ Idaho National Laboratory

In November 2023, Idaho National Laboratory (INL), a prominent U.S. Department of Energy research facility specializing in nuclear energy and cybersecurity, experienced a significant data breach. The breach affected the laboratory's Oracle Human Capit...

357,000 patients' protected health information compromised @ Onsite Mammography

In April 2025, Onsite Mammography, a Massachusetts-based medical imaging provider, announced a data breach affecting 357,265 individuals. The breach stemmed from unauthorized access to an employee's email account, which was discovered in October 2024....

34,000 individuals impacted by data breach @ Henderson & Walton Women’s Center

A data breach impacting over 34,000 individuals occurred at Alabama Women’s Health Center (HWWC) due to a hacked employee email account. Although internal emails were encrypted, the hackers' access to the account necessitated an investigation into pot...

Town lost more than $545,000 in cyber scam @ Town of Surfside Beach

The town of Surfside Beach, South Carolina, fell victim to a cyber scam in March 2026, resulting in a loss of over $545,000. The incident involved a fraudulent payment intended for Wildcat Contractors, Inc., a North Carolina construction firm. Town of...

Data security incident involved protected information of some health system's patients @ Presbyterian Healthcare Services and Thompson Coburn

In May 2024, Thompson Coburn LLP, a law firm representing Presbyterian Healthcare Services, discovered suspicious activity on its network. A subsequent investigation revealed that an unauthorized actor had accessed and potentially exfiltrated files c...

Lead by example in cyber

Premier risk-driven analysis

All our analysis is overseen some of the leading members of the risk community and includes lessons learnt, controls environment and root cause analysis. Learn more...

High-quality structured cyber dataset

Key attributes of each case - such as threat actor, costs incurred, failed controls etc. - are captured through the Global Cyber Event Taxonomy Learn more...

Consulting & training services

Our case studies have provided us with unique insights into the challenges faced and strategies implemented by organisations countering cyber security threats. Learn more...