In December 2024, Muswellbrook Shire Council experienced a cyber attack involving unauthorized access to its IT systems. The council has initiated an investigation to determine the method of intrusion and the extent of the compromise. While the counci...
In December 2024, Hong Kong's privacy watchdog, the Office of the Privacy Commissioner for Personal Data (PCPD), criticized the Electrical and Mechanical Services Department (EMSD) for a data breach affecting over 17,000 residents. The breach stemmed ...
In December 2024, Kaye-Smith Enterprises Inc. reached a $2 million settlement to resolve a class action lawsuit stemming from a data breach discovered in June 2022. The lawsuit claimed that the breach compromised the sensitive personal information of ...
In July 2025, Ingram Micro, a major IT distributor, experienced a significant cyber security incident involving a ransomware attack that disrupted its global operations. The attack, attributed to the SafePay ransomware group, led to widespread outages...
In June 2025, Hawaiian Airlines reported a cybersecurity incident that affected some of its IT systems. The airline assured the public that flights were operating safely and on schedule, and that they had taken steps to safeguard operations, engaging ...
In June 2025, the Iranian cryptocurrency exchange Nobitex experienced a significant security breach, resulting in losses ranging from $48 million to $100 million. The attacks have been attributed to a pro-Israeli hacker group known as Gonjeshke Darand...
Monticello Banking Company (MBC) has announced that it has been the target of a cyberattack. In response to the attack and to protect its customers, MBC has restricted access to several of its services, including ATMs, cash management, MBC Online, and...
The Canadian government has ordered Hikvision Canada Inc., a subsidiary of the world's largest video surveillance equipment manufacturer, Hangzhou Hikvision Digital Technology Co., Ltd., to cease all operations in Canada due to national security conce...
In December 2024, Horizon Healthcare RCM, an Indiana-based revenue cycle management firm, experienced a ransomware attack involving encryption and data exfiltration. The breach, discovered on December 27, 2024, exposed the personal and protected healt...
In April 2025, Esse Health, a large independent physician group in the Greater St. Louis area, Missouri, experienced a cyberattack that compromised the personal information of over 263,000 individuals. The breach was detected on April 21, 2025, when t...
Cyber Security Case Studies has worked with a number of groups to develop these risk effect categories which represent a plain-english description of the impacts seen in public cyber events alongside their definition: