In June of 2025, Equilibria Mental Health Services, a mental health services company located in Philadelphia, experienced a data breach that impacted at least 500 individuals. The breach occurred as a result of a phishing attack, where malicious actor...
In August 2025, Children's Home & Aid, operating as Brightpoint, a social service agency in Illinois, reported a data breach affecting 1,051 individuals to the U.S. Department of Health and Human Services. The cybersecurity incident involved unauthori...
In August 2025, Murphy Law Firm announced an investigation into a data breach affecting Fundamental Administrative Services, LLC. The breach, discovered around January 20, 2025, involved unauthorized access to Fundamental's computer systems between Ja...
In August 2025, the Netherlands' Public Prosecution Service (Openbaar Ministerie, or OM) experienced a significant cyberattack, leading to an unexpected consequence: the disabling of numerous speed cameras across the country. The OM, responsible for p...
CEI Vision Partners, a network of ophthalmologists and optometrists acquired by EyeCare Partners in 2021, is under investigation following a data breach that compromised sensitive patient information. The breach, which occurred between May 24 and May ...
In August 2025, the City of Middletown, Ohio, experienced a significant cybersecurity incident that disrupted numerous city functions and services, impacting its 50,000 residents. The attack led to the closure of in-person services at the City Buildin...
In August 2025, CB1 Medical, a UK-based medical cannabis clinic, announced it was investigating a significant data breach that exposed patient information. The breach involved the leakage of personal details, including contact information, dates of bi...
In August 2025, BFC Solutions, a provider of preventive maintenance services for commercial HVAC systems, disclosed a data breach that impacted 8,371 individuals across the United States. The breach stemmed from a network disruption that occurred betw...
In August 2025, Trinity News, Ireland's oldest student newspaper, fell victim to a cyber attack that rendered its website inoperable. The attack, a coordinated distributed denial of service (DDoS), originated from various cloud-service computers acros...
In August 2025, Scotch College, a prominent boys' school in Melbourne, experienced a significant data breach affecting the personal information of families and alumni. Principal Dr. Scott Marsh communicated the incident to the school community, expres...
Cyber Security Case Studies has worked with a number of groups to develop these risk effect categories which represent a plain-english description of the impacts seen in public cyber events alongside their definition: