In December 2023, Bradford Health Services, an addiction treatment provider, detected unusual network activity indicating a data breach. An investigation, concluding in May 2025, confirmed unauthorized access and acquisition of files containing sensit...
United Medical Doctors, a large independent multi-specialty medical and surgical group headquartered in Murrieta, California, recently disclosed a significant data breach that may have exposed the personal information of current and former patients. T...
The Phia Group, a prominent healthcare consulting and cost-containment firm headquartered in Massachusetts, has officially announced a major data security incident that originated in 2024. The company plays a critical role in the healthcare ecosystem ...
EMM Loans, LLC, a residential mortgage lender based in New Jersey, reached a settlement agreement in April 2026 to resolve a class action lawsuit following a significant data breach discovered in February 2024. The breach, which was identified around ...
Groupe Crit, an international staffing firm headquartered in Paris, has officially announced a cybersecurity incident that resulted in a data breach at two of its subsidiaries located in Tunisia. The affected entities, identified as Crit Tunisie and C...
Weil Gotshal & Manges LLP, a prominent US law firm, recently became the target of a significant cyber extortion event orchestrated by the threat group known as Luna Moth, as reported in June 2026. The incident involved the unauthorized acquisition and...
A significant cybersecurity incident has recently compromised the personal information of guests across more than one hundred hotels in the Netherlands, leading to a widespread phishing campaign. Hospecs, a prominent firm providing services and operat...
The Melbourne International Film Festival recently experienced a significant data breach involving its third-party ticketing platform, Ferve Tickets. This security incident resulted in the unauthorized access of personal information belonging to appro...
In May 2026, the Central Board of Secondary Education revaluation portal was the target of a malicious cyberattack that specifically compromised its payment system infrastructure. According to government sources, the breach resulted in unauthorized ac...
Industrial Acceptance Corporation, a family-owned finance company providing automotive loans to non-prime borrowers through over one thousand East Coast dealerships, recently reported a significant cybersecurity incident. The event was identified as a...
Cyber Security Case Studies has worked with a number of groups to develop these risk effect categories which represent a plain-english description of the impacts seen in public cyber events alongside their definition: