In April 2021, Iran's Natanz uranium enrichment site experienced a significant power failure due to an explosion at the facility. The incident, which targeted the facility's independent internal power system responsible for supplying the underground c...
Between December 2017 and June 2018, a widespread security breach occurred in the Click2Gov online payment platform, impacting numerous cities across the United States. The breach affected residents who made one-time online payments for utility bills ...
In May 2025, Elit Avia, a European luxury aviation services firm, was allegedly breached and listed on the dark web leak site of the Qilin ransomware gang. The posting included purported stolen data, a tactic commonly used by ransomware groups to pres...
In May 2025, Hunter Health Clinic in Wichita, Kansas, announced a data breach affecting over 31,000 patients. The breach stemmed from unauthorized access to an employee's email account around September 30, 2024. The clinic's investigation, conducted w...
In early 2025, Opexus, a software company providing services to numerous U.S. federal agencies, experienced a significant cyber breach. Two employees, twin brothers Muneeb and Suhaib Akhter, who had prior convictions for hacking into the U.S. State De...
In May 2025, Cetus Protocol, a decentralized crypto exchange and liquidity provider on the Sui blockchain, experienced a security breach resulting in a loss of approximately $223 million. The project confirmed the incident on X, announcing the tempora...
In 2025, York County, Pennsylvania, experienced two separate data security incidents that potentially compromised the personal information of its residents. The first incident, discovered in early 2025, involved a data privacy event with a vendor cont...
In May 2025, an advertising firm located in Kurla, Mumbai, experienced a significant cyber attack involving ransomware. Unidentified hackers successfully infiltrated the company's server, encrypted all stored data, and demanded a ransom of Rs 4.25 lak...
In May 2025, a significant Apple ID data breach was discovered, exposing millions of unencrypted logins. The breach originated from a 47.42 GB database found on an unprotected web server without password protection or encryption. The authenticity of t...
In May 2025, OxBykes, a bicycle rental company with operations in Oxford, Cambridge, and London, experienced a data leak due to a security flaw in its mobile application. A customer inadvertently gained administrative-level access to the company's dat...
Cyber Security Case Studies has worked with a number of groups to develop these risk effect categories which represent a plain-english description of the impacts seen in public cyber events alongside their definition: