In late August 2025, the state of Nevada experienced a significant cyberattack that disrupted numerous state services and agencies, including the Department of Motor Vehicles (DMV), the Department of Public Safety, the Nevada Health Authority, and the...
In late September 2025, Carter Credit Union disclosed a data breach that compromised the sensitive personal and protected health information of individuals. The breach occurred between June 25 and July 2, 2025, when an unauthorized third party gained ...
In September 2025, a significant disruption to internet connectivity occurred in the Red Sea region due to multiple subsea fiber-optic cables being cut. This incident impacted internet traffic passing through the Middle East, affecting connections bet...
In September 2025, Zscaler, along with numerous other organizations, disclosed a data breach stemming from a supply chain attack targeting Salesloft Drift, a marketing automation platform integrated with Salesforce. The threat actor, identified as UNC...
In September 2025, a significant data breach impacted numerous cybersecurity vendors, including Proofpoint, Tenable, CyberArk, and Qualys, due to a vulnerability in the Salesloft Drift application, a third-party tool integrated with Salesforce. Threat...
In September 2025, Bridgestone Americas (BSA), the North American arm of the global tire manufacturer, confirmed it was investigating a cyberattack that impacted some of its manufacturing facilities. The company believes its rapid response and establi...
In September 2025, a significant data exposure event occurred at Navy Federal Credit Union (NFCU), the largest credit union serving U.S. military members, veterans, and their families. Cybersecurity researcher Jeremiah Fowler discovered an unsecured A...
In June 2025, Somerset County, Pennsylvania, experienced a data breach affecting the Children and Youth Services (CYS) Department. The breach, which occurred between June 26 and June 30, involved unauthorized access to some CYS email accounts. This un...
In early March 2025, The LoveSac Company, a furniture retailer known for its "Sactionals" and "Sacs," was targeted in a cyberattack by the RansomHub ransomware group, leading to a data breach. The company detected suspicious activity on its network on...
In September 2025, Wealthsimple, a Canadian online investment management service with over three million clients and CAD$84.5 billion in assets, disclosed a data breach that occurred on August 30th. The breach resulted in the unauthorized access of pe...
Cyber Security Case Studies has worked with a number of groups to develop these risk effect categories which represent a plain-english description of the impacts seen in public cyber events alongside their definition: