In April 2026, Mercor, an AI recruiting startup valued at $10 billion, confirmed it was impacted by a supply chain cyberattack stemming from a compromise of the open-source LiteLLM project. This confirmation followed claims by the Lapsus$ extortion gr...
In April 2022, it was reported that more than 8 million customers had their personal data compromised after a former employee downloaded internal reports without permission. The exposed information included customers’ full names and brokerage accou...
Blank Rome LLP, a prominent global law firm operating sixteen offices with a workforce of over eight hundred attorneys, has recently become the subject of a cybersecurity investigation following a significant data breach. This incident involved unauth...
Aspire Health Alliance, a behavioral health services provider based in Braintree, Massachusetts, recently announced a data security incident that may have compromised personal and protected health information of certain individuals who used their serv...
The Greater Rochester Independent Practice Association, commonly referred to as GRIPA, has reached a settlement agreement totaling two million one hundred and fifty thousand dollars to resolve a class action lawsuit following a major data breach. The ...
In November 2023, Idaho National Laboratory (INL), a prominent U.S. Department of Energy research facility specializing in nuclear energy and cybersecurity, experienced a significant data breach. The breach affected the laboratory's Oracle Human Capit...
In April 2025, Onsite Mammography, a Massachusetts-based medical imaging provider, announced a data breach affecting 357,265 individuals. The breach stemmed from unauthorized access to an employee's email account, which was discovered in October 2024....
A data breach impacting over 34,000 individuals occurred at Alabama Women’s Health Center (HWWC) due to a hacked employee email account. Although internal emails were encrypted, the hackers' access to the account necessitated an investigation into pot...
The town of Surfside Beach, South Carolina, fell victim to a cyber scam in March 2026, resulting in a loss of over $545,000. The incident involved a fraudulent payment intended for Wildcat Contractors, Inc., a North Carolina construction firm. Town of...
In May 2024, Thompson Coburn LLP, a law firm representing Presbyterian Healthcare Services, discovered suspicious activity on its network. A subsequent investigation revealed that an unauthorized actor had accessed and potentially exfiltrated files c...
Cyber Security Case Studies has worked with a number of groups to develop these risk effect categories which represent a plain-english description of the impacts seen in public cyber events alongside their definition: