A former Walt Disney World employee was arrested by the FBI for allegedly hacking into the company's servers and tampering with menu information. The suspect, a former menu production manager, was fired in June 2024 under contentious circumstances. Hi...
In September 2025, Zscaler, along with numerous other organizations, disclosed a data breach stemming from a supply chain attack targeting Salesloft Drift, a marketing automation platform integrated with Salesforce. The threat actor, identified as UNC...
In August 2025, Google confirmed that one of its corporate Salesforce instances was breached in June by the cybercriminal group ShinyHunters, also tracked as UNC6040, resulting in the theft of customer data. This incident is part of a larger wave of a...
In January 2025, Alpha Baking Co. experienced a data breach that compromised the private information of its consumers, leading to a class action lawsuit. The lawsuit alleged that Alpha Baking failed to adequately protect sensitive information, includi...
In May 2026, OpenAI confirmed a security breach stemming from a supply chain attack targeting open-source software. The incident involved the Shai-Hulud malware campaign and affected two employee devices through a compromised TanStack npm package, a t...
In May 2026, a series of cyberattacks targeted France's tourism industry, impacting multiple booking websites. Gîtes de France, a popular booking platform, reported a security incident resulting in unauthorized access to customer booking records. The ...
Verber Dental Group, a dental practice operating 14 locations in South Central Pennsylvania, experienced a data security breach that potentially compromised patient information. The company detected unusual network activity on January 27, 2026, and im...
The town of Surfside Beach, South Carolina, fell victim to a cyber scam in March 2026, resulting in a loss of over $545,000. The incident involved a fraudulent payment intended for Wildcat Contractors, Inc., a North Carolina construction firm. Town of...
In May 2026, the African National Congress (ANC), South Africa's largest political party, was reportedly hit by a data breach in which nearly 2GB of private information belonging to its members was exposed. The cybercriminal group Black X claimed resp...
The Goodstone Group, a hospitality organization operating in northern Tasmania, Australia, has confirmed it was the victim of a ransomware attack by the CMD Organization. The attack, which began on April 18, 2026, resulted in the theft of data from th...
Cyber Security Case Studies has worked with a number of groups to develop these risk effect categories which represent a plain-english description of the impacts seen in public cyber events alongside their definition: