We are increasingly dependent upon information technology systems, infrastructure, and data to operate our business. In the ordinary course of business, we collect, store, and transmit confidential information, including, but not limited to, information related to our intellectual property and proprietary business information, personal information, and other confidential information. It is critical that we maintain such confidential information in a manner that preserves its confidentiality and integrity. Furthermore, we have outsourced elements of our operations to third party vendors, who each have access to our confidential information, which increases our disclosure risk.
While we recently implemented internal security and business continuity measures, our internal computer systems and those of current and future third parties on which we rely may fail and are vulnerable to damage from computer viruses and unauthorized access. Our information technology and other internal infrastructure systems, including corporate firewalls, servers, data center facilities, lab equipment, and connection to the internet, face the risk of breakdown or other damage or interruption from service interruptions, system malfunctions, natural disasters, terrorism, war, and telecommunication and electrical failures, as well as security breaches from inadvertent or intentional actions by our employees, contractors, consultants, business partners, and/or other third parties, or from cyber-attacks by malicious third parties (including the deployment of harmful malware, ransomware, denial-of-service attacks, social engineering and other means to affect service reliability and threaten the confidentiality, integrity and availability of information), each of which could compromise our system infrastructure or lead to the loss, destruction, alteration, disclosure, or dissemination of, or damage or unauthorized access to, our data or data that is processed or maintained on our behalf, or other assets.
If such an event were to occur and cause interruptions in our operations, it could result in a material disruption of our development programs and our business operations, and could result in financial, legal, business, and reputational harm to us. For example, in 2021, we were the victim of a cybersecurity incident that affected our accounts payable function and led to approximately $9.5 million in wire transfers being misdirected to fraudulent accounts. The matter was reported to the FBI and remains under their investigation. The cybersecurity incident does not appear to have compromised any personally identifiable information or protected health information. Fortress, as our controlling stockholder and supporting partner in our back-office functions, provided us with $9.5 million to ensure our accounts payable operations continued to function smoothly. The $9.5 million of support was in the form of a related party note which the boards of both companies have agreed and converted into 1,476,044 shares of our common stock upon the consummation of our IPO in November 2021 at the IPO price. The federal government has been able to trace and seize the fraudulently transferred cryptocurrency associated with the breach. Once the cryptocurrency has been converted back into U.S. dollars, we expect to receive a notification letter to initiate the return of the cash to the Company. This process could take as long as six months or more to complete. Given the recent market declines, volatility, and liquidity issues with cryptocurrency, there is no certainty as to the amount we will ultimately recover. We may incur additional expenses and losses as a result of this cybersecurity incident, including related to investigation fees and remediation costs.
In addition, the loss or corruption of, or other damage to, clinical trial data from completed or future clinical trials could result in delays in our regulatory approval efforts and significantly increase our costs to recover or reproduce the data. Likewise, we rely on third parties for the manufacture of our drug candidates or any future drug candidates and to conduct clinical trials, and similar events relating to their systems and operations could also have a material adverse effect on our business and lead to regulatory agency actions. The risk of a security breach or disruption, particularly through cyber-attacks or cyber intrusion, including by computer hackers, foreign governments, and cyber terrorists, has generally increased as the number, intensity, and sophistication of attempted attacks and intrusions from around the world have increased. Sophisticated cyber attackers (including foreign adversaries engaged in industrial espionage) are skilled at adapting to existing security technology and developing new methods of gaining access to organizations' sensitive business data, which could result in the loss of proprietary information, including trade secrets. We may not be able to anticipate all types of security threats, and we may not be able to implement preventive measures effective against all such security threats. The techniques used by cyber criminals change frequently, may not be recognized until launched, and can originate from a wide variety of sources, including outside groups such as external service providers, organized crime affiliates, terrorist organizations, or hostile foreign governments or agencies.
Any security breach or other event leading to the loss or damage to, or unauthorized access, use, alteration, disclosure, or dissemination of, personal information, including personal information regarding clinical trial subjects, contractors, directors, or employees, our intellectual property, proprietary business information, or other confidential or proprietary information, could directly harm our reputation, enable competitors to compete with us more effectively, compel us to comply with federal and/or state breach notification laws and foreign law equivalents, subject us to mandatory corrective action, or otherwise subject us to liability under laws and regulations that protect the privacy and security of personal information. Each of the foregoing could result in significant legal and financial exposure and reputational damage that could adversely affect our business. Notifications and follow-up actions related to a security incident could impact our reputation or cause us to incur substantial costs, including legal and remediation costs, in connection with these measures and otherwise in connection with any actual or suspected security breach. We expect to incur significant costs in an effort to detect and prevent security incidents and otherwise implement our internal security and business continuity measures, and actual, potential, or anticipated attacks may cause us to incur increasing costs, including costs to deploy additional personnel and protection technologies, train employees, and engage third-party experts and consultants. We may face increased costs and find it necessary or appropriate to expend substantial resources in the event of an actual or perceived security breach.
The costs related to significant security breaches or disruptions could be material and our insurance policies may not be adequate to compensate us for the potential losses arising from any such disruption in, or failure or security breach of, our systems or third-party systems where information important to our business operations or commercial development is stored or processed. In addition, such insurance may not be available to us in the future on economically reasonable terms, or at all. Further, our insurance may not cover all claims made against us and could have high deductibles in any event, and defending a suit, regardless of its merit, could be costly and divert management attention. Furthermore, if the information technology systems of our third-party vendors and other contractors and consultants become subject to disruptions or security breaches, we may have insufficient recourse against such third parties and we may have to expend significant resources to mitigate the impact of such an event, and to develop and implement protections to prevent future events of this nature from occurring.