In May 2025, UChicago Medicine Medical Group announced a data breach affecting approximately 38,000 patients. The breach stemmed from a cybersecurity incident impacting Nationwide Recovery Service (NRS), a third-party debt collection agency that UChic...
In March 2025, Cobb County, Georgia, experienced a significant cyber security incident when an unauthorized user gained access to its servers. This prompted the county to shut down multiple online systems to contain the breach, which resulted in the d...
In February 2025, TD Bank, the tenth-largest bank in the United States, disclosed a data breach stemming from unauthorized access and sharing of sensitive customer data by a former employee. The incident, which occurred between August and December 202...
In January 2025, a significant data breach compromised the personal information of over 10,000 healthcare professionals. The breach involved D-Trust, a company that issues electronic practice identification cards used to access healthcare data. The No...
In September 2020, the university disclosed that a third-party vendor had informed four university campuses in May 2020 that the vendor had experienced a data security incident. This incident affected a substantial number of other higher education ins...
In January 2025, AUS Inc. reached a settlement in a class action lawsuit stemming from a data breach that occurred on November 28, 2022. The lawsuit alleged that AUS, a global security, investigations, and risk-consulting company, failed to implement ...
In January 2025, the Squamish-Lillooet Regional District (SLRD) experienced a security incident involving a compromised email account. An unauthorized email, appearing to originate from SLRD Director Tony Rainbow, was sent to over 400 recipients on Ja...
In January 2025, Heritage Health Care reported a data breach to the U.S. Department of Health and Human Services Office for Civil Rights, indicating that unauthorized access to consumer information had occurred. The company has begun notifying the est...
In January 2020, the national restaurant chain alerted customers to a data breach that could have exposed their credit-card information. The company explained that they had implemented advanced security on their main point-of sale system, featuring en...
In late January 2025, the New York Blood Center Enterprises (NYBCe), a major blood collection and distribution organization serving hospitals in multiple states, fell victim to a ransomware attack. The organization detected suspicious activity on its ...
Cyber Security Case Studies has worked with a number of groups to develop these risk effect categories which represent a plain-english description of the impacts seen in public cyber events alongside their definition: