In November 2025, Somalia's newly launched electronic visa system (e-visa/eTAS) suffered a significant data breach, potentially compromising the personal information of at least 35,000 applicants, including U.S. and UK citizens. The U.S. and UK govern...
In February 2026, the University of Mississippi Medical Center (UMMC) suffered a significant cyberattack, identified as a ransomware attack, which led to the closure of clinics across the state and the cancellation of numerous surgeries and appointmen...
Cybercriminals are exploiting a vulnerability within the Zendesk customer service platform to launch email bombing attacks. This abuse stems from the widespread lack of authentication requirements in many Zendesk configurations, allowing attackers to ...
A prisoner in Romania exploited vulnerabilities in the National Penitentiary Association (ANP) platform, which is used in prisons for various inmate services. The prisoner discovered a method to bypass the ANP application on tablets and kiosks, gainin...
In October 2025, a significant data breach occurred involving a third-party booking site called Holiday Globe, which granted a customer unauthorized access to the boarding passes and personal information of over 50 Ryanair passengers. Stuart Cobb, a m...
In October 2025, a significant cyberattack targeted the UK's Ministry of Defence (MoD), resulting in the theft of hundreds of confidential military documents. The breach is attributed to the Russian-linked ransomware group Lynx, known for its double e...
In October 2025, Microsoft Azure experienced a significant outage that impacted businesses globally, particularly in Australia. The disruption, which lasted for several hours, was not due to a cyberattack but rather an internal error stemming from a m...
In late January 2016, HSBC, a British bank with approximately 17 million customers in the UK, experienced a cyber attack that disrupted website transactions and consultations. This incident marked the second attack within a month and the fourth since ...
In October 2025, ImageMaster's MuniOS platform, a widely used electronic platform for municipal bond offerings, experienced a cyberattack that took its servers offline for several days. According to ImageMaster, the attack was not a data breach but ra...
In October 2025, PayActiv, Inc., a digital wallet payment app provider, disclosed a cybersecurity incident affecting over one hundred thousand individuals. An unauthorized party gained access to records containing customers' personally identifiable in...
Cyber Security Case Studies has worked with a number of groups to develop these risk effect categories which represent a plain-english description of the impacts seen in public cyber events alongside their definition: