The Greater Rochester Independent Practice Association, commonly referred to as GRIPA, has reached a settlement agreement totaling two million one hundred and fifty thousand dollars to resolve a class action lawsuit following a major data breach. The ...
In November 2023, Idaho National Laboratory (INL), a prominent U.S. Department of Energy research facility specializing in nuclear energy and cybersecurity, experienced a significant data breach. The breach affected the laboratory's Oracle Human Capit...
In April 2025, Onsite Mammography, a Massachusetts-based medical imaging provider, announced a data breach affecting 357,265 individuals. The breach stemmed from unauthorized access to an employee's email account, which was discovered in October 2024....
A data breach impacting over 34,000 individuals occurred at Alabama Women’s Health Center (HWWC) due to a hacked employee email account. Although internal emails were encrypted, the hackers' access to the account necessitated an investigation into pot...
The town of Surfside Beach, South Carolina, fell victim to a cyber scam in March 2026, resulting in a loss of over $545,000. The incident involved a fraudulent payment intended for Wildcat Contractors, Inc., a North Carolina construction firm. Town of...
In May 2024, Thompson Coburn LLP, a law firm representing Presbyterian Healthcare Services, discovered suspicious activity on its network. A subsequent investigation revealed that an unauthorized actor had accessed and potentially exfiltrated files c...
In May 2026, the Mount Kisco Surgery Center in New York settled a class-action lawsuit for $527,500 related to a data breach that occurred in November 2023. The surgery center detected unusual activity within an employee's email account, indicating th...
In September 2024, SAG-AFTRA Health Plan, a health insurance provider for media professionals, experienced a data breach due to a phishing attack. An unauthorized party gained access to an employee's email account, exposing the personal information of...
In December 2024, Rhode Island experienced a significant cybersecurity breach impacting its RIBridges system, an online platform managing the state's social and health benefits. The attack, attributed to the Brain Cipher ransomware group, resulted in ...
MCBS, LLC, a regional healthcare management and revenue cycle company based in Augusta, Georgia, recently disclosed a significant cybersecurity incident involving unauthorized access to its internal network. The company, which operates under the name ...
Cyber Security Case Studies has worked with a number of groups to develop these risk effect categories which represent a plain-english description of the impacts seen in public cyber events alongside their definition: