In September 2024, a cyber attack targeted the Dutch police force, compromising the work-related contact details of nearly all 65,000 officers. The stolen data included names, email addresses, work phone numbers, and in some cases, personal informatio...
In December 2016, the company discovered a data breach. The breach occurred between August and December 2016 when a former employee, responsible for data entry and access to tenant work orders, used a personal device to illegally access the company se...
In September 2017, the company stopped the biggest-ever DDoS cyber attack to date, they mitigated a 2.54 Tbps DDoS attack. This attack, originated from four Chinese internet service providers and was attributed to a state-sponsored threat actor. The c...
In May 2019, security researchers discovered a significant data breach at the company impacting approximately 15,000 customers. The breach occurred due to a misconfigured Elasticsearch server managed by a third-party vendor contracted by the company. ...
In January 2019, the Government experienced a data breach impacting approximately 30,000 public service employees. This was the first data breach of 2019 and was reported less than 24 hours into the New Year. An unauthorized third party accessed an...
In December 2019, the health system experienced a significant disruption to its IT systems due to a ransomware attack. The attack forced them to revert to manual record-keeping, causing delays in lab results, medication information and appointment sch...
In July 2024, the school experienced a cyberattack that forced them to take their IT systems offline. The IT department detected unusual activity and took steps to shut down systems, ultimately rebuilding the entire system from scratch over the summer...
On May 24, 2024, Varsity Brands, a major athletic supplier specializing in cheerleading and other sports apparel and services, discovered suspicious activity on its computer network. The company, recently acquired by investment firm KKR, took immediat...
In October 2019, the private medical practice suffered a cyber attack after hackers infiltrated the practice's patient database and compromised confidential patient information. Shortly after the breach, the attackers emailed fake invoices to pati...
In October 2019, the oil and gas company experienced a cyberattack on its IT systems. Upon detection of the attack, the company isolated affected system components, initiated a partial shutdown to contain the incident and assured the public that produ...
Cyber Security Case Studies has worked with a number of groups to develop these risk effect categories which represent a plain-english description of the impacts seen in public cyber events alongside their definition: