This document summarizes three cybersecurity incidents: 1) The theft of $81 million from Bangladesh's central bank account at the NY Federal Reserve due to weak security practices at SWIFT and the bank. 2) A mental health clinic preparing to implement an electronic medical records system was advised to have an outside expert test its security controls, but the board did not understand the reputational, financial, and legal risks. 3) Hackers breached servers at the NY State Psychiatric Institute, accessing information on 22,000 people including 13,000 coded records and 9,000 with personally identifiable information, highlighting the value of medical records data on the black market.