Exclusive first look at Coalition’s new cyber claims dataGet the 2024 Cyber Claims Report
Cyber Incident? Get Help

case study

Nonprofit Faces Data Privacy Fallout Following Widespread Software Breach

Coalition CaseStudy-Hero-Nonprofit-Data-Breach




  • Employees: 51 - 250

  • Coverages: Breach Response

Case Study

An international nonprofit organization was one of the thousands of organizations impacted by a zero-day vulnerability in a popular file-transfer tool. More than 600 unique files related to individuals from the United Kingdom, United States, Canada, Australia, Germany, and the Netherlands were exfiltrated in the event. Due to concerns about legal obligations and other regulatory requirements, the nonprofit contacted Coalition for assistance.

Using security camera footage, the school discovered the former employee had walked around the campus nude, plugged a USB device into various classroom computers, and accessed other areas he typically wouldn’t have entered. The school also reported that the rogue employee used a mobile hotspot to broadcast vulgar Wi-Fi network names, raising alarm that the former employee had gained unauthorized access to the school’s network.

Coalition Incident Response1 (CIR) quickly launched a forensics investigation to review the extent of the event, as the compromised data included donor names, addresses, credit card numbers, phone numbers, email addresses, and bank account details. At the same time, we established breach counsel in each impacted region to review regulations and affected data.

CIR determined that the threat actor’s activity was limited to the server running the file-transfer software and found no evidence of lateral movement or additional malicious software on other systems. CIR’s findings were also consistent with other organizations impacted by the zero-day vulnerability and didn’t require extensive restoration on the nonprofit’s end. Here’s how one key coverage responded to this data breach: Breach Response2 covered the cost of numerous local breach counsels and a full forensic investigation. After the nonprofit paid its $25,000 self-insured retention, its policy covered more than $35,000 in costs related to the claim.

1. Coalition Incident Response services provided through Coalition’s affiliate are offered to policyholders as an option via our incident response firm panel.

2. The claim scenarios described here are intended to show the types of situations that may result in claims. These scenarios should not be compared to any other claim. Whether or to what extent a particular loss is covered depends on the facts and circumstances of the loss, the terms and conditions of the policy as issued and applicable law.