In August 2020, the Canada Revenue Agency (CRA) experienced a significant cybersecurity event involving a series of credential stuffing attacks. This method uses stolen usernames and passwords from other websites to gain unauthorized access to user ac...
A significant data breach targeted Fujitsu, a major Japanese technology provider to the Japanese government, compromising data related to the Tokyo 2020 Olympics. The breach exposed login credentials of ticket holders, potentially allowing access to ...
In April 2026, Stelia Aerospace, a manufacturer of cabin equipment, experienced a ransomware attack targeting its North American IT environment. Upon detecting the intrusion, Stelia Aerospace promptly activated its cyber defense protocols and implemen...
In April 2026, the International Monetary Fund (IMF) began closely monitoring a cybersecurity incident in Sri Lanka, where cybercriminals successfully breached the Finance Ministry's computer systems. The unauthorized access targeted the External Reso...
A cybersecurity incident has occurred at Shanghai Tunnel Engineering Co (Singapore), a contractor involved in the construction of three Jurong Region Line (JRL) MRT stations and the new Changi NEWater Factory 3. The company reported that data related ...
A significant data breach has potentially exposed the personal and financial information of approximately 153,000 customers of Iberdrola, a major Spanish energy company. The breach is attributed to a compromise at Zirconite de Negocios, an authorized ...
In April 2026, Esquire, a large technology wholesaler in South Africa, experienced a data breach that compromised a portion of its SQL database powering its API data feed. The company promptly notified its customers and assured them that its primary d...
In April 2026, Polymarket, a decentralized cryptocurrency-based prediction market, refuted claims of a data breach after a hacker known as "xorcat" posted alleged user data on a dark web forum. Xorcat claimed to have stolen over 300,000 records, inclu...
In December 2026, the Pine Bluff School District fell victim to a cyberattack resulting in a loss of over $3.2 million. The incident involved a fraudulent wire transfer initiated on December 17th, when district staff processed a payment for what they ...
In April 2026, Lee & Lee Country Club, a golf course in Gapyeong-gun, Gyeonggi Province, South Korea, suffered a significant data breach that compromised the personal information of approximately 100,000 customers. The Korean National Police Agency's ...
Cyber Security Case Studies has worked with a number of groups to develop these risk effect categories which represent a plain-english description of the impacts seen in public cyber events alongside their definition: