The Connecticut Port Authority
January 22, 2026
•[ Business Email Compromise, Phishing, Financial Fraud ]
Connecticut Port Authority officials reported that a subtle change in an email address used to pay a vendor resulted in a fraudulent party receiving more than $16,000 from the quasi-public agency. The report said $16,666 was stolen and that $14,166 of that amount was recovered through an insurance claim. The incident triggered operational changes including renewed focus on encryption and security practices and recurring cybersecurity training. The article did not provide the precise date of the payment, only that it occurred the prior year relative to the January 22, 2026 report.
Conifer Value-Based Care, LLC
August 28, 2025
•[ business email compromise, data leak ]
Conifer Value-Based Care, LLC disclosed unauthorized access to a Microsoft 365 business email account on August 2829, 2025. The incident may have exposed personal and health-related information contained in emails. Core systems were not compromised and the account was secured after discovery.
NioCorp Developments Ltd.
February 14, 2025
•[ phishing, Business Email Compromise ]
Business email compromise exploiting NioCorps email system to redirect vendor payments; no encryption detected.
