Analysis

Analysis of the Five States Energy Company, L.L.C. data breach disclosed 2026-04-02

Analysis of the illumifin Corporation data breach disclosed 2025-11-04

Analysis of the Mercer Advisors Inc. data breach disclosed 2026-01-22

Analysis of the Advantage Gold data breach disclosed 2026-03-29

Analysis of the Summit Insurance Services, Inc. data breach disclosed 2026-03-26

Analysis of the Hightower Holding, LLC (Updated) data breach disclosed 2026-03-24

Analysis of the Hightower Holding, LLC data breach disclosed 2026-03-23

Analysis of the Mutual of America Life Insurance Co. data breach disclosed 2026-03-23

Analysis of the Financial Factors, Inc. data breach disclosed 2026-03-18

Analysis of the Charlottesville Settlement Company data breach disclosed 2026-03-18

Analysis of the Marquis Software Solutions data breach disclosed 2026-03-17

Analysis of the Kerkering, Barberio & Co., Certified Public Accountants data breach disclosed 2026-03-13

Analysis of the MetroWest Community Federal Credit Union data breach disclosed 2026-03-10

Analysis of the Banner Capital Bank data breach disclosed 2026-03-06

Analysis of the Maniscalco Wealth Management ltd data breach disclosed 2026-03-06

Analysis of the EP Wealth Advisors, LLC data breach disclosed 2026-02-02

Analysis of the California FAIR Plan Association data breach disclosed 2025-12-12

Analysis of the Williams Accountancy Corporation data breach disclosed 2025-12-25

Analysis of the Figure Technology Solutions, Inc. on behalf of Figure Lending LLC, Figure Markets Credit LLC, and Figure Payments Corporation. data breach disclosed 2026-01-28

Analysis of the Hennessy Advisors data breach affecting 12,643 mutual fund investors — timeline, attack details, regulatory implications, and lessons for the investment management sector.

Analysis of the H&N Tax, Inc data breach disclosed 2026-02-20

Analysis of the Strategic Investment Solutions Inc. data breach disclosed 2026-02-12

Analysis of the Terra Holdings, LLC data breach disclosed 2026-02-12

Analysis of the West Florida Banking Corporation (Flagship Bank) data breach disclosed February 2026, affecting 3,996 customers via social engineering attack

Analysis of the AOS, Inc. data breach disclosed 2025-07-31

Analysis of the Diversified Benefit Services Insurance Marketing, Inc. data breach disclosed 2025-08-07

Analysis of the Marquis Software Solutions (on behalf of business customer data owners) data breach disclosed 2025-08-14

Analysis of the Pacific Symphony data breach disclosed 2025-08-21

Analysis of the Byzfunder NY LLC data breach disclosed 2025-09-01

Analysis of the California Casualty Indemnity Exchange data breach disclosed 2025-09-02

Analysis of the Risk Management Services, LLC data breach disclosed 2025-09-02

Analysis of the Teamsters Union 25 Health Services & Insurance Plan data breach disclosed 2025-09-03

Analysis of the Velocity Risk Underwriters, LLC data breach disclosed 2025-09-04

Analysis of the Lincoln Investment Planning, LLC data breach disclosed 2025-09-12

Analysis of the SSA Holdings, LLC data breach disclosed 2025-09-15

Analysis of the Evolve Mortgage Services on behalf of financial institutions data breach disclosed 2025-09-17

Analysis of the Upstream Advisory Group LLC data breach disclosed 2025-09-18

Analysis of the First National Bank of Clarksdale data breach disclosed 2025-09-24

Analysis of the Garson Brothers Asset Management, LLC data breach disclosed 2025-09-24

Analysis of the Ashton Thomas Private Wealth, LLC data breach disclosed 2025-10-02

Analysis of the 700Credit, LLC data breach disclosed 2025-10-25

Analysis of the The Roger Keith & Sons Insurance Agency data breach disclosed 2025-10-29

Analysis of the Dollar Financial Group, Inc. dba Money Mart data breach disclosed 2025-11-09

Analysis of the SitusAMC Holdings Corporation data breach disclosed 2025-11-12

Analysis of the NAHGA Claims Services data breach disclosed 2025-11-17

Analysis of the Anderson Bancshares, Inc. data breach disclosed 2025-12-05

Analysis of the Workers Compensation Insurance Rating Bureau of California data breach disclosed 2025-12-10

Analysis of the Mezrah Financial data breach disclosed 2025-12-22

Analysis of the Cove Risk Services, LLC data breach disclosed 2025-12-12

Analysis of the Mercadien PC Certified Public Accountants data breach disclosed 2025-12-31

Analysis of the Ameriprise Financial Services, LLC data breach disclosed 2026-01-02

Analysis of the Awes.me, Inc. data breach disclosed 2026-01-07

Analysis of the Linden Bancshares, Inc. DBA Texana Bank, N.A. data breach disclosed 2026-01-12

Analysis of the Insurance Office of America (IOA) data breach disclosed 2026-01-16

Analysis of the First Atlantic Capital, Ltd. data breach disclosed 2026-01-30

Analysis of the Continental Casualty Company and its affiliates (CNA) data breach disclosed 2026-01-30

Analysis of the Corban OneSource, LLC data breach disclosed 2026-02-04

Analysis of the Edelman Financial Engines, LLC data breach disclosed 2026-02-04

Analysis of the Gravity Payments, Inc. data breach disclosed 2026-02-04

Analysis of the WealthKeel LLC data breach disclosed 2026-02-09

Analysis of the NASCBF data breach affecting 2,063 Maine residents after August 2025 network intrusion -- SSN and financial account exposure at multi-state union pension and health funds.

Analysis of the Prosper Marketplace data breach where attackers queried customer and applicant databases for three months before detection -- timeline, data exposed, and regulatory implications for peer-to-peer lending platforms.

Analysis of the NAHGA Claims Services data breach affecting 5,072 individuals -- sensitive health and financial data exposed in April 2025 network intrusion. Timeline, regulatory implications, and lessons for insurance claims processors.

Analysis of the Zions Bancorporation insider breach where an employee intentionally emailed customer account data to an unauthorized third party -- timeline, data exposed, and regulatory implications for the $90B banking institution.

Analysis of the Carter Federal Credit Union breach affecting Louisiana members after unauthorized network access June 25-July 2, 2025 -- timeline, SSN exposure, and third-party risk implications.

Analysis of TransUnion's breach affecting 51 individuals - discovered in 2009 but not disclosed until October 2025. Examines the unprecedented notification delay and regulatory implications.

Main Electric Supply Company disclosed a network breach exposing SSNs, credit cards, and personal data -- another vendor risk incident affecting financial data holders.

Gym Management Services data breach exposed SSNs, credit card numbers, and financial records of gym members -- a vendor risk case study for payment processors.

Lincoln Investment Planning disclosed a breach affecting 703 clients after an unauthorized party accessed a financial adviser's systems. SSNs, driver's licenses, and account data exposed.

Investment adviser Upstream Advisory Group LLC disclosed a phishing breach after an email account was accessed over 8 days. SSNs and health insurance data exposed.

SEC-registered investment adviser Ashton Thomas Private Wealth disclosed a breach affecting 1,644 individuals after email account compromise. SSNs, financial data, and minors' information exposed.

Clarity Benefit Solutions disclosed unauthorized access to its benefits platform exposing HSA account numbers -- a third-party risk case affecting multiple employers' workers.

Analysis of the First National Bank of Clarksdale network intrusion on June 4-5, 2025, where an unauthorized actor obtained files containing SSNs and financial account numbers.

Anderson Brothers Bank disclosed a breach affecting 3,272 customers after vendor Marquis Software Solutions was compromised. SSNs, account numbers, and DOBs exposed.

Garson Brothers Asset Management breach analysis: a BEC attack targeting wire fraud exposed SSNs for 167 individuals at the Bronxville, NY property management firm.

Analysis of the Teamsters Union 25 Health Services & Insurance Plan breach affecting 13 Maine residents after unauthorized network access exposed SSNs and personal data.

Analysis of the Batchelder Bros. Insurance data breach affecting 29 individuals after a network intrusion exposed SSNs, driver's licenses, and financial account numbers.

Analysis of the Roger Keith & Sons Insurance Agency breach where a phishing attack led to remote desktop and email compromise -- with a 275-day notification delay.

Artisans' Bank disclosed a breach affecting 32,344 customers after vendor Marquis Software Solutions was compromised. Names and SSNs exposed.

Ellafi Federal Credit Union disclosed a breach affecting 17,627 members after a network intrusion exposed SSNs, credit card, and debit card numbers.

Cove Risk Services disclosed a breach affecting 49,385 individuals after a network intrusion exposed SSNs, DOBs, and addresses from workers' compensation files.

CoVantage Credit Union disclosed a breach affecting 160,000 members after vendor Marquis Software Solutions was hit by Akira ransomware. SSNs, account numbers exposed.

Donaghy Sales LLC disclosed a business email compromise after an attacker accessed a corporate email account for two days in July 2025, exposing personal information.

Analysis of the SSA Holdings data breach after attackers acquired files from the company's network on September 15, 2025, exposing SSNs, account numbers, and financial records.

Risk Management Services disclosed a breach affecting 22,300 individuals after a subcontractor's security protocol failure allowed unauthorized remote access, exposing SSNs and medical data.

Analysis of the SPCorp Services data breach after a September 2025 network intrusion. The company took until January 2026 to confirm personal information was compromised.

Motility Software Solutions disclosed a ransomware breach exposing SSNs, driver's licenses, and personal data of RV dealer customers after an August 2025 attack.

Analysis of the Oxler Private Wealth data breach affecting 239 individuals after a Microsoft 365 account takeover -- timeline, financial data exposure, and lessons for wealth management firms.

Analysis of the RKA Consulting Group data breach exposing names, dates of birth, and Social Security numbers after a January 2025 hack. Notifications arrived in October.

Velocity Risk Underwriters disclosed a breach affecting 39,310 policyholders after former vendor WaterStreet Company was hacked on March 17, 2025, exposing SSNs and account data.

Analysis of the Chalmers Insurance Group data breach affecting 157 individuals after a three-day network intrusion in April 2025 -- timeline, exposed data, and what insurance brokers should know.

Lafayette Federal Credit Union disclosed a breach affecting 77,337 members after an employee email account was accessed on September 16, 2024, exposing SSNs, account numbers, and DOBs.

Decisely Insurance Services breach exposed SSNs, passport numbers, and bank accounts for 113,984 individuals after a cloud storage intrusion affecting MetLife and 225 partner organizations.

California AG filing shows the Marquis Software Solutions breach affecting financial institutions began in August 2025, months before the larger Maine disclosure.

Analysis of the Nusbaum Insurance Agency email breach affecting 263 individuals -- a 13-month notification delay, broad data exposure, and what it means for insurance sector security.

Cerenade, a legal software platform, disclosed a breach after hackers downloaded documents containing SSNs, passport numbers, and dates of birth during a two-day intrusion.

Conifer Value-Based Care disclosed a phishing attack that compromised an employee's Microsoft 365 email, exposing patient and guarantor medical data across multiple states.

Cox Enterprises disclosed a breach caused by an Oracle E-Business Suite zero-day exploited Aug 9-14, 2025. Multi-state notifications filed across nine jurisdictions.

Parexel International disclosed a breach after an Oracle Cloud E-Business Suite zero-day exposed employee SSNs, financial accounts, and payment card numbers.

Byzfunder NY LLC breach analysis: a 20-day unauthorized access window in a cloud software system exposed names and Social Security numbers for 1,719 people.

Inotiv, Inc. disclosed a ransomware breach affecting 9,542 individuals with SSNs, credit cards, and medical data exposed -- nearly two years after discovering the attack.

California's workers' compensation rating bureau disclosed a breach after attackers accessed Box.com cloud storage, exposing SSNs, medical records, and financial data.

Dollar Financial Group's Money Mart disclosed a breach exposing Social Security numbers, credit card data, and financial records of payday lending customers.

Bayou Media Development disclosed a breach exposing names and SSNs of Parkwest Bicycle Casino customers after unauthorized access to a web-hosting service in September 2025.

California Casualty Group disclosed a breach after an unauthorized actor accessed its IT network for six days and copied files containing SSNs, account data, and personal records.

700Credit disclosed a data breach after hackers copied records from its web application, exposing names, SSNs, dates of birth, and addresses of auto dealership customers.

Whitepages disclosed a credential stuffing attack on July 19, 2025 that compromised user accounts, exposing names, emails, and partial payment card data.

Diversified Benefit Services Insurance Marketing disclosed an email system breach exposing SSNs, medical records, and health insurance information after August 2025 intrusion.

AOS Inc., operating as MoneyBlock, disclosed a network intrusion on July 31, 2025 that exposed SSNs, passport numbers, driver's licenses, and financial account data.

TransUnion disclosed a cyber incident involving unauthorized access to a third-party application used by its U.S. consumer support operations, exposing personal data.

HR and payroll vendor Corban OneSource disclosed a breach affecting 1,593 individuals after a September 2025 network intrusion exposed names and Social Security numbers.

Gain Federal Credit Union disclosed a breach after an unauthorized party accessed an employee email account containing member names, account numbers, and loan details.

Mutual of America Life Insurance accidentally emailed a data file with SSNs, account balances, and plan IDs to the wrong plan sponsor on July 22, 2025.

SitusAMC Holdings, a mortgage services firm, disclosed a data breach after attackers spent 7 days in its network extracting names, SSNs, and dates of birth.

SAFE Credit Union disclosed an incident that exposed member names, SSNs, account numbers, balances, and birthdates. Analysis of the unusual breach and response.

New York investment firm First Atlantic Capital disclosed a data breach affecting 1,582 individuals after a September 2025 network intrusion. Analysis of the timeline and implications.

1st MidAmerica Credit Union disclosed a breach affecting 131,070 members after vendor Marquis Software Solutions was hacked. SSNs exposed.

A phishing attack targeting an Ameriprise Financial advisor exposed deeply sensitive client data including SSNs, income, net worth, and medical information for 598 individuals.

Analysis of the Continental Casualty Company (CNA) data breach disclosed January 2026 after vendor Conduent was hacked, exposing 5,875 policyholder records.

Edelman Financial Engines data breach exposed SSNs, financial planning data, and personal details of 5,083 clients after a January 2026 unauthorized access incident.

Gravity Payments disclosed a data breach affecting 2,278 individuals after a vulnerability in a third-party CRM provider gave attackers access to personal information.

Insurance Office of America (IOA) breach analysis: a phishing email gave attackers five days of network access, exposing 12,913 records. 200-day delay.

Analysis of the Texana Bank (Linden Bancshares) data breach where a compromised employee email account gave an attacker 35 days of access to customer data.

VF Wealth Management data breach analysis: hackers copied SSNs and financial account data from the Florida RIA's network in July 2025, with notification delayed 159 days.

Analysis of the Awes.me, Inc. data breach - what happened, who's affected, and what to do.

Analysis of the Marquis Software Solutions ransomware attack that compromised 824,000+ customers at 80+ banks and credit unions.

Analysis of the Towne Mortgage Company data breach - what happened, who's affected, and what to do.

Analysis of the Evolve Mortgage Services on behalf of financial institutions data breach - what happened, who's affected, and what to do.

Analysis of the Phreesia, Inc. data breach - what happened, who's affected, and what to do.

Analysis of the MedRevenu, LLC data breach - what happened, who's affected, and what to do.

Analysis of the UA Sprinkler Fitters Local 669 Joint Apprenticeship and Training Committee (“JATC”) data breach - what happened, who's affected, and what to do.