In August 2020, the Canada Revenue Agency (CRA) experienced a significant cybersecurity event involving a series of credential stuffing attacks. This method uses stolen usernames and passwords from other websites to gain unauthorized access to user ac...
A significant data breach targeted Fujitsu, a major Japanese technology provider to the Japanese government, compromising data related to the Tokyo 2020 Olympics. The breach exposed login credentials of ticket holders, potentially allowing access to ...
Aroostook Mental Health Center (AMHC) is currently investigating a data security incident that involved unauthorized access to its computer network and the potential theft of protected health information and personally identifiable information. On Mar...
In May 2026, RXNT, a healthcare software technology company, began notifying its customers about a cybersecurity incident involving unauthorized access to its systems. The incident, which occurred between March 1, 2026, and March 3, 2026, resulted in ...
In May 2026, Hanover County Schools (HCPS) confirmed they were the victim of a data security incident that occurred in March. A malicious actor gained unauthorized access to the school division's network data and attempted to deploy ransomware to encr...
Cushman & Wakefield, a global real estate services firm, has confirmed a data breach stemming from a vishing attack. Two separate cybercrime groups, ShinyHunters and Qilin, have claimed responsibility for attacks on the company. Cushman & Wakefield be...
In May 2026, the Everest Group ransomware gang began leaking a purported 108-gigabyte trove of data allegedly stolen from Liberty Mutual on April 30. Everest claimed the release occurred because the insurance company failed to meet their demands. Foll...
In early May 2026, the San Diego Community College District (SDCCD) experienced a significant cyberattack that disrupted operations across its four colleges: City, Mesa, Miramar, and Continuing Education. The attack, detected on a Saturday, prompted t...
In April 2026, Stelia Aerospace, a manufacturer of cabin equipment, experienced a ransomware attack targeting its North American IT environment. Upon detecting the intrusion, Stelia Aerospace promptly activated its cyber defense protocols and implemen...
In April 2026, the International Monetary Fund (IMF) began closely monitoring a cybersecurity incident in Sri Lanka, where cybercriminals successfully breached the Finance Ministry's computer systems. The unauthorized access targeted the External Reso...
Cyber Security Case Studies has worked with a number of groups to develop these risk effect categories which represent a plain-english description of the impacts seen in public cyber events alongside their definition: