On October 20, 2025, a major outage impacted millions of users worldwide, rendering numerous popular platforms inaccessible. Services such as Snapchat, Roblox, Fortnite, Duolingo, Xero, Grammarly, and Canva experienced significant disruptions, prompti...
In October 2025, Ribbon Communications, a major telecommunications services provider, disclosed a significant breach of its IT network. The company believes unauthorized individuals, reportedly associated with a nation-state actor, gained access to it...
In October 2025, security researcher Johann Rehberger discovered a vulnerability in Anthropic's Claude AI model that allows for the exfiltration of private data through indirect prompt injection. The attack involves injecting malicious instructions in...
In February 2025, Lighthouse Electric Company (LEC) disclosed a data breach that compromised sensitive personal and protected health information. The incident, which LEC became aware of on October 26, 2024, involved unauthorized access to its IT netwo...
In February 2025, Heartland Bank reported a data breach stemming from unauthorized access to its email system. The incident, which was disclosed in a notice to the Attorney General of Massachusetts, exposed sensitive consumer information, including na...
In February 2025, KeyBank disclosed a data breach stemming from a security incident at Wong Fleming, P.C., a third-party vendor providing asset recovery services. The breach, which occurred on January 16, 2025, involved unauthorized remote access to W...
In January 2025, the town of Bourne experienced a cybersecurity breach targeting its information technology network. Town Administrator Marlene McCollem reported the incident to the Select Board in February, acknowledging that an unauthorized third pa...
In February 2025, the Virginia Attorney General's office, headed by Jason Miyares, experienced a "sophisticated cyberattack" that forced the agency to shut down its computer systems. The attack was detected early Wednesday morning, prompting immediate...
In February 2025, Sri Lanka experienced a nationwide power outage affecting 22 million users after a monkey interfered with a grid transformer at a power substation. This incident caused an imbalance in the power system, highlighting the vulnerability...
In February 2025, OmniGPT, an AI chatbot and productivity platform that integrates multiple AI models like ChatGPT-4 and Gemini, allegedly suffered a significant data breach. A hacker known as "Gloomer" claimed responsibility, posting samples of the s...
Cyber Security Case Studies has worked with a number of groups to develop these risk effect categories which represent a plain-english description of the impacts seen in public cyber events alongside their definition: