All Case Studies.

Real-world incidents explained in full — what went wrong, how it was exploited, and what was learned.

157 Case Studies
12 Categories
2001–2025 Years Covered

2025 · critical

Voice Cloning Bank Fraud: Your CEO's Voice Is Now a Hacking Tool

2 min read · AI & Deepfake Scams
2024 · medium

LastPass Employee Deepfake Audio Attack: The CEO's Voice Is Being Cloned

2 min read · Social Engineering
2024 · critical

LockBit Takedown: Operation Cronos Disrupts the World's Most Prolific Ransomware Gang

2 min read · Ransomware
2024 · high

Biden Robocall Deepfake: Synthetic Voice Suppresses New Hampshire Primary Voters

2 min read · AI & Deepfake Scams
2024 · critical

CrowdStrike: A Faulty Update Crashes 8.5 Million Windows Machines Worldwide

2 min read · Incident Response
2024 · critical

Salt Typhoon: China Hacks US Telecom Wiretap Infrastructure

2 min read · Zero-Day Exploits
2024 · critical

Synnovis NHS: Ransomware Cancels 10,000 NHS Appointments Including Blood Transfusions

2 min read · Ransomware
2024 · critical

Change Healthcare: Ransomware Cripples US Medical Billing for Months

2 min read · Ransomware
2024 · critical

XZ Utils Backdoor: Two-Year Social Engineering of Open Source Maintainer

2 min read · Supply Chain Attacks
2024 · high

Polyfill.io CDN Hijack: 100,000 Websites Serve Malicious JavaScript After Domain Sale

2 min read · Supply Chain Attacks
2024 · critical

Snowflake Credential Theft: Ticketmaster, AT&T, and 160 Others Breached via Stolen Logins

2 min read · Credential Attacks
2024 · critical

Deepfake CFO Video Call: Hong Kong Finance Worker Pays $25 Million

2 min read · AI & Deepfake Scams
2024 · high

KYC Bypass with AI Deepfakes: Financial Accounts Opened with Fake Faces

2 min read · AI & Deepfake Scams
2023 · high

WormGPT: Jailbroken LLM Sold on Dark Web for AI-Powered Phishing Generation

2 min read · AI & Deepfake Scams
2023 · medium

Samsung Employees Upload Sensitive Code to ChatGPT: Confidential Data Exits the Company

2 min read · Insider Threats
2023 · medium

Duolingo 2.6 Million User Data Scraped via Exposed API Endpoint

2 min read · Credential Attacks
2023 · critical

3CX Supply Chain: Attack Inside an Attack — Trading Technologies Compromised First

2 min read · Supply Chain Attacks
2023 · critical

MOVEit Zero-Day: One SQL Injection Flaw, 2,700 Organisations Breached

2 min read · Zero-Day Exploits
2023 · critical

Citrix Bleed: Authentication Bypass in Citrix ADC Used in Ransomware Attacks

2 min read · Zero-Day Exploits
2023 · high

23andMe: 6.9 Million DNA Profiles Scraped via Credential Stuffing

2 min read · Credential Attacks
2023 · critical

Caesars Entertainment: Pay $15M or We Publish Your Loyalty Members' Data

2 min read · Social Engineering
2023 · critical

Scattered Spider vs MGM Resorts: No-Code Social Engineering Takes Down Vegas

2 min read · Social Engineering
2023 · critical

MGM Resorts Social Engineering Attack

2 min read · Social Engineering
2023 · high

Meta GDPR Fine: €1.2 Billion for Transferring European Data to the US

2 min read · Incident Response
2023 · high

Synthetic Identity Fraud Surge: AI Creates Frankenstein Identities Worth $6 Billion

2 min read · AI & Deepfake Scams
2023 · medium

FraudGPT: Subscription Service for AI-Generated Fraud, Available in Telegram

2 min read · AI & Deepfake Scams
2023 · medium

AI Disinformation Farms: 1,000 Fake News Sites Generate Millions of Views for Ad Revenue

2 min read · AI & Deepfake Scams
2023 · critical

Pig Butchering Powered by AI Chatbots: Industrialised Romance Fraud at Scale

2 min read · AI & Deepfake Scams
2023 · high

Microsoft Teams External Tenant Phishing: Office Tools Turned Against Employees

2 min read · Phishing Attacks
2023 · high

Royal Mail Ransomware: LockBit Cripples UK International Post for Weeks

2 min read · Ransomware
2023 · high

GitHub Actions Supply Chain: tj-actions Breach Exposes CI Secrets of 23,000 Repositories

2 min read · Supply Chain Attacks
2022 · critical

Romance Scam Pig Butchering: $3.5 Billion in Crypto Stolen Through Manufactured Love

2 min read · Social Engineering
2022 · medium

GitHub Copilot Leaks Secrets: AI Autocompletion Suggests Real Credentials from Training Data

2 min read · AI & Deepfake Scams
2022 · high

PyPI Malicious Packages: Thousands of Typosquatting Packages Steal Developer Credentials

2 min read · Supply Chain Attacks
2022 · high

AI LinkedIn Fake Profiles: North Korea Uses Generated Faces to Infiltrate Tech Companies

2 min read · AI & Deepfake Scams
2022 · high

Twilio: SMS Phishing Harvests Employee Credentials, Reaches 163 Customer Accounts

2 min read · Phishing Attacks
2022 · critical

Axie Infinity Ronin Bridge: A Fake Job Offer Steals $625 Million in Crypto

2 min read · Social Engineering
2022 · high

Spring4Shell: Critical RCE in Spring Framework Affects Millions of Java Applications

2 min read · Zero-Day Exploits
2022 · critical

LastPass Changing Story: How a Breach Disclosure Evolved Over Three Months

2 min read · Incident Response
2022 · high

GitHub Token Theft via Travis CI: CI/CD Access Exposes Private Repository Secrets

2 min read · Credential Attacks
2022 · critical

LastPass Breach: Lessons in Password Manager Security

2 min read · Data Breaches
2022 · medium

Okta Credential Stuffing: 18,000 Customer Accounts Tested with Stolen Passwords

2 min read · Credential Attacks
2022 · critical

Costa Rica National Emergency: Conti Ransomware Paralyses a Country

2 min read · Ransomware
2022 · critical

Lapsus$: Teenagers Bribe Telecom Employees to Breach Microsoft, Nvidia, and Uber

2 min read · Social Engineering
2022 · high

Okta Breach: The Identity Provider That Protects Everyone Gets Compromised

2 min read · Phishing Attacks
2021 · critical

Fortinet VPN Zero-Days: Nation-States Exploit Unpatched VPN Gateways for Years

2 min read · Zero-Day Exploits
2021 · critical

Log4Shell: A Single Java Library Puts 3 Billion Devices at Risk

2 min read · Zero-Day Exploits
2021 · critical

JBS Foods: REvil Ransomware Shuts Down US Meat Processing Plants

2 min read · Ransomware
2021 · medium

GriftHorse: 10 Million Android Users Billed Via Premium SMS Subscription Scam

2 min read · Social Engineering
2021 · critical

Codecov Bash Uploader Compromise: CI/CD Secrets Harvested from Thousands of Companies

2 min read · Supply Chain Attacks
2021 · critical

PHP Git Backdoor: Attackers Push Malicious Commits to PHP's Official Source

2 min read · Supply Chain Attacks
2021 · critical

Colonial Pipeline Ransomware Attack

2 min read · Ransomware
2021 · critical

Emotet: The World's Most Dangerous Malware Takedown

2 min read · Malware & Spyware
2021 · critical

Pegasus Spyware: NSO Group's Commercial Tool Used Against Journalists and Dissidents

2 min read · Malware & Spyware
2021 · critical

Exchange ProxyLogon: 250,000 Servers Backdoored in 24 Hours via Email Server Zero-Days

2 min read · Zero-Day Exploits
2021 · high

MSHTML Zero-Day: Nation-States Weaponise Office Documents with No Macros Required

2 min read · Zero-Day Exploits
2021 · high

GoDaddy 2021: 1.2 Million WordPress Hosting Customers Exposed via Compromised Password

2 min read · Credential Attacks
2021 · high

Twitch Source Code Leak: 125GB of Internal Data from Credential Misuse

2 min read · Credential Attacks
2021 · high

Verkada Security Camera Breach: Insider Sells Access to Hacker, Tesla and Cloudflare Exposed

2 min read · Insider Threats
2021 · critical

Ubiquiti Insider Whistleblower: The Breach Was Worse Than the Company Admitted

2 min read · Insider Threats
2021 · high

Facebook 533 Million Records: Published in 2021, Breached in 2019, "Old Data"

2 min read · Incident Response
2021 · critical

Kaseya VSA: Ransomware Delivered to 1,500 Businesses in One Hit

2 min read · Supply Chain Attacks
2020 · high

Twitter 2020 Hack: Vishing Internal Employees for Admin Access

2 min read · Phishing Attacks
2020 · medium

Barbara Corcoran's $400,000 BEC: Fake Invoice Fools Real Estate Mogul's Bookkeeper

2 min read · Social Engineering
2020 · high

FIN7 BadUSB Mail Drop: Ransomware Delivered via Fake Amazon Gift Cards to Hotels

2 min read · Physical Security
2020 · critical

SolarWinds Supply Chain Attack

2 min read · Supply Chain Attacks
2020 · critical

Garmin WastedLocker: Pilots Lose Navigation, Runners Lose Data for 5 Days

2 min read · Ransomware
2020 · critical

SolarWinds CISA Emergency Directive: US Government's Response to a Months-Long Intrusion

2 min read · Incident Response
2020 · high

The Twitter Bitcoin Hack

2 min read · Social Engineering
2020 · medium

eBay Employee Spear-Phish Leads to Harassment Campaign Against Critics

2 min read · Phishing Attacks
2020 · high

Cosmic Lynx: The Nigerian BEC Gang That Went Upmarket

2 min read · Phishing Attacks
2020 · critical

Universal Health Services: Ryuk Ransomware Across 400 Hospitals

2 min read · Ransomware
2019 · high

First Documented AI Voice Clone Fraud: CEO's Voice Transfers €220,000

2 min read · AI & Deepfake Scams
2019 · critical

Baltimore City RobbinHood: Ransomware Locks City Government for 5 Weeks

2 min read · Ransomware
2019 · high

GE Aviation IP Theft: Engineer Emails 8,000 Files to Personal Account Before Joining Competitor

2 min read · Insider Threats
2019 · critical

Twitter's Saudi Government Spy: Two Employees on State Payroll in Twitter's SF Office

2 min read · Insider Threats
2019 · high

British Airways GDPR Fine: The First Major Enforcement Sets the Tone

2 min read · Incident Response
2019 · critical

ASUS Live Update ShadowHammer: 1 Million PCs Receive Backdoored Official Updates

2 min read · Supply Chain Attacks
2019 · critical

Capital One: A Misconfigured WAF and a Former AWS Employee

2 min read · Data Breaches
2019 · critical

Norsk Hydro: Ransomware Shuts Down Aluminium Plants Across 3 Continents

2 min read · Ransomware
2019 · medium

Tailgating Study: 74% of People Hold the Door Open for Strangers in Secure Buildings

2 min read · Physical Security
2019 · medium

Biometric Bypass: Lifting Fingerprints from Glasses to Clone Entry Credentials

2 min read · Physical Security
2019 · high

Collection #1: 773 Million Unique Credentials Dumped in One Post

2 min read · Credential Attacks
2019 · critical

Travelex: WastedLocker Ransomware Takes Down Global Currency Exchange

2 min read · Ransomware
2018 · high

Tesla IP Theft: Engineer Emails 26,000 Confidential Files Before Joining Competitor

2 min read · Insider Threats
2018 · high

ATM Jackpotting: Black Box Attack Forces ATM to Dispense All Cash

2 min read · Physical Security
2018 · high

EventStream npm: Malicious Code Buried in Dependency Targets Bitcoin Wallet

2 min read · Supply Chain Attacks
2018 · high

Cisco Insider: Former Employee Deletes 16,000 WebEx Accounts Post-Resignation

2 min read · Insider Threats
2018 · medium

Reddit SMS MFA Bypass: Attacker Intercepts Texts to Access Employee Accounts

2 min read · Credential Attacks
2018 · high

Cambridge Analytica: 87 Million Facebook Profiles and a Quiz App

2 min read · Insider Threats
2018 · critical

Marriott Starwood: 500 Million Guests Exposed in a Breach Hidden Inside an Acquisition

2 min read · Data Breaches
2017 · critical

WannaCry Global Ransomware Attack

2 min read · Ransomware
2017 · critical

Equifax Data Breach

2 min read · Data Breaches
2017 · critical

CCleaner Backdoor: 2.27 Million Downloads Infected via Legitimate Software Update

2 min read · Supply Chain Attacks
2017 · critical

Triton/TRISIS: Malware Designed to Kill People by Disabling Safety Systems

2 min read · Malware & Spyware
2017 · high

GitLab Production Database Deletion: 5 Failed Backups and a Live Stream

2 min read · Incident Response
2017 · critical

Equifax Breach Response: 78 Days to Patch, 40 Days to Disclose, $700M in Fines

2 min read · Incident Response
2017 · medium

Fish Tank Thermometer: Casino High-Roller Database Stolen via IoT Sensor

2 min read · Physical Security
2017 · critical

NotPetya Recovery: Maersk Rebuilds its Entire Global IT in 10 Days

2 min read · Incident Response
2017 · critical

EternalBlue: NSA's Stolen Weapon Powers WannaCry, NotPetya, and Years of Attacks

2 min read · Zero-Day Exploits
2017 · critical

NotPetya: $10 Billion in Damages from a Wiper Disguised as Ransomware

2 min read · Malware & Spyware
2016 · critical

Dyn DDoS Response: When a Third Party's Outage Takes Down Half the Internet

2 min read · Incident Response
2016 · high

Google Phishing Attack on Podesta Campaign

2 min read · Phishing Attacks
2016 · high

Hollywood Presbyterian: Hospital Pays $17,000 to Get Patient Records Back

2 min read · Ransomware
2016 · critical

Uber 2016 Cover-Up: Paying Hackers $100,000 via Bug Bounty to Hide a Breach

2 min read · Incident Response
2016 · high

FACC CEO Fraud: Austrian Aerospace Supplier Loses €50 Million to Fake M&A

2 min read · Phishing Attacks
2016 · medium

USB Drop Attack: 60% of People Plug In Dropped USB Drives

2 min read · Physical Security
2016 · critical

DNC Hack: Fancy Bear's Spear-Phish Decides an Election Narrative

2 min read · Phishing Attacks
2016 · high

Uber Data Breach Cover-Up

2 min read · Data Breaches
2016 · critical

Mirai Botnet: IoT Devices Take Down the Internet's Infrastructure

2 min read · Malware & Spyware
2016 · critical

Bangladesh Bank: $81 Million Stolen via Forged SWIFT Messages

2 min read · Phishing Attacks
2016 · critical

Yahoo: 3 Billion Accounts — Every Single One

2 min read · Data Breaches
2015 · critical

Anthem Health: 78 Million Patient Records and a Single Phishing Email

2 min read · Phishing Attacks
2015 · critical

Ukraine Power Grid: The First Confirmed Cyber Attack to Kill the Lights

2 min read · Phishing Attacks
2015 · high

IRS Phishing: $5.8 Billion Lost Annually to Tax Season Email Fraud

2 min read · Phishing Attacks
2015 · critical

Carbanak / FIN7: $1 Billion Stolen from Banks via Spear-Phishing and Custom Malware

2 min read · Malware & Spyware
2015 · critical

Duqu 2.0: Kaspersky's Own Network Breached by Sophisticated Spyware

2 min read · Malware & Spyware
2015 · high

Ubiquiti Networks: $46.7 Million Wired to Hong Kong Fraudsters via Email

2 min read · Phishing Attacks
2015 · high

Morgan Stanley Financial Advisor Steals 730,000 Client Records

2 min read · Insider Threats
2015 · medium

Slack 2015: Hashed Passwords Stolen, and the Attacker Left a Message

2 min read · Credential Attacks
2014 · critical

Heartbleed: OpenSSL Bug Exposes Private Keys and Passwords of Two-Thirds of the Internet

2 min read · Zero-Day Exploits
2014 · critical

Home Depot: 56 Million Cards via Stolen HVAC Vendor Credentials

2 min read · Data Breaches
2014 · critical

Sony Pictures Hack: North Korea Destroys a Studio's IT Infrastructure

2 min read · Malware & Spyware
2014 · critical

Regin: GCHQ's Spyware Against a European Telecom for 10 Years

2 min read · Malware & Spyware
2014 · critical

Shellshock: A 25-Year-Old Bash Bug Enables Remote Code Execution on Millions of Servers

2 min read · Zero-Day Exploits
2013 · high

Adobe's 153 Million Account Breach and Embarrassing Password Hints

2 min read · Data Breaches
2013 · critical

Edward Snowden and the NSA: The Insider Who Changed the World

2 min read · Insider Threats
2013 · critical

NSA TAO Hardware Interdiction: Intercepting Cisco Routers in Transit

2 min read · Physical Security
2013 · high

Syrian Electronic Army Hijacks AP Twitter, Markets Crash

2 min read · Social Engineering
2013 · high

Target Point-of-Sale Breach

2 min read · Data Breaches
2013 · critical

Target Breach IR Failure: Security Team Saw the Alerts and Did Nothing

2 min read · Incident Response
2013 · high

CryptoLocker: The Ransomware That Invented Modern Extortion

2 min read · Ransomware
2012 · critical

Flame: The 20MB Espionage Toolkit That Mapped Middle East Networks for Years

2 min read · Malware & Spyware
2012 · high

Dropbox 2012: 68 Million Passwords Exposed Because an Employee Reused a Password

2 min read · Credential Attacks
2012 · high

Hotel Keycard Cloning: $300 Device Opens Every Onity Lock in the World

2 min read · Physical Security
2012 · high

LinkedIn 2012: 117 Million Passwords Hashed With No Salt

2 min read · Data Breaches
2011 · high

PlayStation Network Down for 23 Days: 77 Million Accounts Exposed

2 min read · Data Breaches
2011 · critical

RSA SecurID: When Two-Factor Authentication Gets Hacked

2 min read · Supply Chain Attacks
2010 · critical

Stuxnet's Four Zero-Days: The Most Expensive Zero-Day Stockpile Ever Deployed

2 min read · Zero-Day Exploits
2010 · critical

Stuxnet: The World's First Cyber Weapon Destroys Iranian Centrifuges

2 min read · Malware & Spyware
2010 · high

Global ATM Skimming: Organised Crime Installs Card Readers on Cash Machines

2 min read · Physical Security
2010 · critical

Operation Aurora: China's Spear-Phish Against Google and 34 Companies

2 min read · Phishing Attacks
2010 · critical

Stuxnet USB Delivery: Crossing the Air Gap With a Memory Stick

2 min read · Physical Security
2010 · critical

Operation Aurora IE Zero-Day: China Exploits Browser Flaw to Hack Google and 34 Others

2 min read · Zero-Day Exploits
2010 · critical

Chelsea Manning: 750,000 Military Documents and Diplomatic Cables Released to WikiLeaks

2 min read · Insider Threats
2009 · medium

Dumpster Dive: Hospital Records, Credit Card Statements, and Patient Files in the Trash

2 min read · Physical Security
2009 · critical

Heartland Payment Systems: 130 Million Cards and a SQL Injection

2 min read · Data Breaches
2009 · high

RockYou: 32 Million Plaintext Passwords Teach the World About Password Storage

2 min read · Credential Attacks
2009 · critical

GhostNet: China Hacks Tibetan Government in Exile and 103 Countries

2 min read · Malware & Spyware
2008 · critical

Conficker: 15 Million Machines, One Unpatched Windows Vulnerability

2 min read · Malware & Spyware
2008 · high

CERN Logic Bomb: IT Worker Plants Malware Set to Activate After Resignation

2 min read · Insider Threats
2007 · critical

TJX Companies: 94 Million Cards Stolen Over 18 Months

2 min read · Data Breaches
2006 · medium

Frank Abagnale and the Modern HP Pretexting Scandal

2 min read · Social Engineering
2003 · critical

SQL Slammer: The Fastest-Spreading Worm in History

2 min read · Malware & Spyware
2001 · critical

Code Red Worm Infects 359,000 Servers in 14 Hours

2 min read · Malware & Spyware
1995 · high

Kevin Mitnick Tailgating: How America's Most Wanted Hacker Walked Into Secure Buildings

2 min read · Physical Security
1995 · high

Kevin Mitnick: The Art of Social Engineering at Motorola, Nokia, and Fujitsu

2 min read · Social Engineering

Turn incidents into habits

Every case study links to practical guides on how to prevent a repeat.