In 2017, the WannaCry ransomware attack prompted many organizations to reassess their cybersecurity posture, including Aston Martin. Although unaffected by WannaCry, Aston Martin realized its existing anti-malware solution was inadequate. They initiat...
In July 2019, cloud hosting provider iNSYNQ experienced a ransomware attack that significantly impacted their operations and customer data. The attack, later identified as the MegaCortex ransomware, was executed by a sophisticated criminal organizatio...
In December 2025, the Health Service Executive (HSE) confirmed that they were targeted by a second ransomware attack in February of the same year. This attack, which targeted a third-party processor, resulted in a data protection breach reported by HS...
Retina Group of Washington (RGW), a healthcare provider, experienced a cybersecurity breach that affected a significant number of patients. On March 26, 2023, RGW detected unusual activity on its systems, hindering their access to information. An inve...
In December 2022, the company disclosed that they had detected unusual activity within portions of their development environment. After initiating an investigation, they determined that an unauthorised party gained access through a single compromised ...
In March of 2025, StreamElements, a cloud-based streaming platform popular among content creators on Twitch and YouTube, confirmed a data breach stemming from a third-party service provider they had ceased working with the previous year. While StreamE...
A new ransomware group known as Arkana Security has claimed responsibility for a cyberattack against WideOpenWest (WOW!), a US telecommunications provider. Arkana Security asserts that they have successfully infiltrated WOW!'s systems, gaining control...
In March 2025, M.A.D Mobile, a UK-based company responsible for several niche dating platforms, exposed nearly 1.5 million private user images online without password protection. The affected platforms include BDSM People, Chica, Pink, Brish, and Tran...
In March 2025, UAS Asset Management disclosed a data breach that compromised the sensitive personal data of individuals, raising concerns about the security of information entrusted to the company. On March 13, 2025, UAS Asset Management became aware ...
In March 2025, Nine, the parent company of Australian media outlets including The Sydney Morning Herald, The Age, and The Australian Financial Review, experienced a data breach that exposed the personal information of approximately 16,000 subscribers....
Cyber Security Case Studies has worked with a number of groups to develop these risk effect categories which represent a plain-english description of the impacts seen in public cyber events alongside their definition: