In July 2025, a critical zero-day vulnerability in Microsoft SharePoint servers was actively exploited in a widespread global cyberattack, impacting an estimated 100 organizations, with potentially thousands more left vulnerable. The Cybersecurity and...
In June 2025, reports surfaced regarding a potential data breach at T-Mobile, with hackers claiming to have stolen 64 million customer records. The alleged breach included sensitive information such as full names, dates of birth, tax IDs, addresses, p...
In April 2025, Bartlesville Public Schools in Oklahoma experienced a significant cyber security incident that disrupted its digital infrastructure. The breach, which occurred around April 30, impacted the availability of many of the district's compute...
In March 2023, Sur La Table, a company that sells kitchenware and offers cooking classes, experienced a data breach. The breach occurred between March 15th and March 25th, 2023, when an unauthorized party gained access to files containing sensitive em...
In May 2025, two separate cyber security events involving potential data breaches at online platforms have come to light. The first incident involves the discovery of 1.6 million files allegedly belonging to customers of Etsy, Poshmark, and TikTok Sho...
In December 2025, Goldman Sachs alerted investors in some of its alternative investment funds and separately managed accounts about a potential data breach impacting their data. The breach occurred at Fried Frank Harris Schriver & Jacobson LLP, an ext...
In January 2026, Neighbourly, a social media site owned by Stuff, experienced a significant data breach, leading to the temporary shutdown of the platform. The breach exposed sensitive user data, including names, email addresses, GPS coordinates, some...
In December 2025, Ellafi Federal Credit Union, based in Connecticut, disclosed a data breach affecting 17,627 individuals. The breach, stemming from a ransomware attack claimed by the Akira group, compromised sensitive personal and financial informati...
In December 2024, VisionPoint Eye Center (VisionPoint), an eye care practice based in Bloomington, Illinois, disclosed a data breach that exposed the personal and medical information of its patients. The breach stemmed from a cyberattack that occurred...
In December 2025, ManageMyHealth confirmed a cyber breach that would continue to unfold into January 2026. It is believed that up to 126,000 users were affected by the data breach on the patient portal, ManageMyHealth. The scope of the data breach was...
Cyber Security Case Studies has worked with a number of groups to develop these risk effect categories which represent a plain-english description of the impacts seen in public cyber events alongside their definition: