Skip to content
CBCyber Breaches
Search

All incidents

Every catalogued cyberattack, filterable by attack type, sector, country, and year.

Attack
Sector
Data breachRansom paid

Instructure Canvas LMS ShinyHunters breach (2026)

ShinyHunters exploited Canvas's Free-For-Teacher account programme to exfiltrate 3.65 TB of data spanning approximately 275 million users across nearly 9,000 schools — names, email addresses, student IDs, and some private messages between students and teachers. Instructure reportedly paid the ransom and the data was destroyed.

Victim
Instructure (Canvas LMS)
Loss
$10.0M
Records
275.0M
OtherUnknown

Leak at Lilagora (via AlumnForce)

First and last name, email address, phone number, postal code, city, current job title, career aspirations, professional experience, career path within the network, degree obtained, year, skills

Victim
Lilagora
OtherUnknown

Leak at Alumni Université de Strasbourg (via AlumnForce)

First name, name Email address Phone number Postal code, city Current job title Career aspirations: Sectors, compensation sought, countries or cities + postal codes sought, position sought, experience level Professional experience: month and year, job title, company, city Career path within the network: degree obtained in year, name of the degree) Skills

Victim
Alumni Université de Strasbourg
Data breachUnknown

109,302 CMF members: data leak claimed

The 109,302 members of the Confédération Musicale de France (CMF) are reportedly affected, according to the claim. According to the elements provided, a batch put up for sale by the actor HexDex would contain the…

Victim
Confédération Musicale de France (CMF)
Records
109.3K
Data breachUnknown

Data leak at Mingat

Mingat customers are affected by a data leak confirmed by the company. The firm, specialized in vehicle rental, informed its customers of a security incident that…

Victim
Mingat
Data breachUnknown

Data leak at Vatel Capital

Vatel Capital customers were informed by email on 9 March 2026 of an accidental file exposure. The asset management company indicates that the incident occurred between 21 February and 3…

Victim
Vatel Capital
OtherUnknown

Leak at ESPCI

Title, usual first and last name Professional email, and possibly personal email if provided Identification data: username, but not the password Position and assignment Photo, unless it had been indicated it should only be used for the badge Access permissions to services and premises Mailing list subscriptions For students: course enrolments For staff: employer, field of activity (BAP, CNRS and CNU section) For staff employed by the in-house body: corps, contract end date For service providers, partners and external personnel: employer, socio-professional category

Victim
ESPCI
OtherUnknown

Leak at FFCK and Paddle Sports

Last name, First name Gender Date of birth Club name, Departmental committee name, Departmental committee code, Regional committee name, Regional committee code Paddle color, Licence type

Victim
FFCK and Paddle Sports
OtherUnknown

Leak at the French Office for Biodiversity

Last name, first names Date and place of birth Postal address Landline and mobile phone numbers Nationality Email address Hunting licence number Information relating to the application, processing or examination of the hunting licence Listing in the national file of persons prohibited from acquiring and holding firearms Summons, dates, attendance and result

Victim
French Office for Biodiversity
OtherUnknown

Leak at 11 real estate agencies

1.2 million documents, 500+ GB SCI Fonciere de la tourelle Aix La Duranner Immo MARTEAU IMMOBILIER (Orpi) AFG IMMOBILIER OC INVESTISSEMENT TRENTA IMMOBILIER BLG PATRIMOINE SB IMMOBILIER SUN IMMOBILIA IMMOVALIE SAS Immo Name, first name Postal address Login and password Email address Rent receipt, invoice Phone number Contract data IBAN Maintenance logs Marketing campaigns Financial reports Minutes of general meetings E·V·E·R·Y·T·H·I·N·G

Victim
11 real estate agencies
OtherUnknown

Leak at Guiot de Bourg

90,000 customers Last name, first name Email address Hashed password Date of birth Newsletter signup IP Website Authorized amount Payment terms Guest status Deleted account (😒) Password renewal token Secret key

Victim
Guiot de Bourg
OtherUnknown

Leak at Panorama Banques

2,340,422 customers Last name, first name Nationality Postal address Email address Phone number Marital status Income, current loans, rent Bank Account opening date Owner/tenant status Profession, type of employment contract

Victim
Panorama Banques
OtherUnknown

Leak at Orpi

IBAN Last name, first name Rent receipt Postal address Extranet username Extranet password in plain text Tenant

Victim
Orpi
OtherUnknown

Leak at ENSAM

First name, last name Social Security number Scholarship award decision and amount Start and end date of sick leave

Victim
ENSAM
OtherUnknown

Leak at Eurail

First name, last name Date of birth Email address Postal address Phone number Passport number, issue and expiration date

Victim
Eurail
Data breachUnknown

2.1 million: data leak at OFII / ANEF

People who used the OFII / ANEF "Étrangers en France" portal are affected: the leak is confirmed and covers around 2.1 million rows of data. This portal is used by…

Victim
OFII / ANEF ("Étrangers en France" portal – French Ministry of the Interior)
OtherUnknown

Leak at Allegro Musique

161,412 members Name, first name Postal address Email address Phone number Social security number Registration and termination date Content of listings

Victim
Allegro Musique
OtherUnknown

Leak at HelloWork

Last name, first name Email address Desired role Qualification level Work experience Industries of interest Contract types sought Geographic mobility areas

Victim
HelloWork
OtherUnknown

Leak at 123 casting

240,000 users name, first name MD5-hashed password (so effectively in plaintext…) date of birth, gender postal address email address phone number height, weight, eye and hair color, measurements ethnic origin distinctive features photo & video book private message history payment data

Victim
123 casting
OtherUnknown

Leak at Altitude Infra

5.76 GB, 3.8 million customers Network infrastructure Partners file Operational data Support tickets Prospect identities Postal address Phone number

Victim
Altitude Infra
OtherUnknown

Leak at justice.fr

1,100 justice professionals last name, first name judicial position personal address personal phone number professional information IBAN

Victim
justice.fr
OtherUnknown

Leak at the French Ministry of Sports

3.5 million households: first and last name, date of birth, gender, email address, postal address, phone number, category of aid received, organization code, social security number, INE number, CAF number, Pass Sport code

Victim
French Ministry of Sports
OtherUnknown

Leak at Médecin Direct

first and last name, date of birth, email address, postal address, social security number, subject of the teleconsultation, pre-consultation questionnaire, data exchanged with the practitioner

Victim
Médecin Direct
OtherUnknown

Leak at Murfy

294,075 customers: first and last name, email address, postal address, phone number, account balance, exchanged messages, comments, reason for visits, technician

Victim
Murfy
OtherUnknown

Leak at Eurofiber

3,600 companies (BPCE, Auchan, CGI, Thales, SFR, Orange…) sensitive network infrastructure data VPN access credentials source code certificates emails SQL backups

Victim
Eurofiber
OtherUnknown

Leak at Pajemploi

1.2 million people last name, first name social security number postal address date and place of birth name of bank Pajemploi number and accreditation number IBAN

Victim
Pajemploi
OtherUnknown

Leak at MYM

5 million customers: username, first and last name, company, postal address, date of birth, password (MD5 hashed), email, phone number, IP address, social networks (Instagram, Facebook, Twitter, Snapchat), date of registration and last login

Victim
MYM
OtherUnknown

Leak at France Travail

16,479 people authentication data in plaintext civil status address, phone number, email ID card RIB employment contracts tax notices Social Security attestation training certificate work authorization

Victim
France Travail
OtherUnknown

Leak at Discord

name, username payment information last 4 digits of payment card transaction history IP address messages exchanged with support ID card age verification documents

Victim
Discord
RansomwareContained

Asahi Group Holdings Qilin ransomware (2025)

Qilin ransomware operators encrypted servers across Asahi's Japanese data centres, halting ordering, shipment, and production at 30 factories, leaking 27 GB of internal data, and exposing personal information of approximately 1.5 million customers, employees, and contacts.

Victim
Asahi Group Holdings
Loss
$31.4M
Records
1.5M
OtherUnknown

Leak at Optic 2000

title, last name, first name social security number date of birth postal address customer number phone number store concerned optician's name

Victim
Optic 2000
Social engineeringContained

C&M Software Pix heist (Brazil, 2025)

A junior developer at C&M Software — a Central Bank-authorized provider of Pix instant-payment connectivity — was paid roughly R$5,000 to hand over credentials. Attackers used the access to drain approximately R$800 million ($148 million) from reserve accounts at six Brazilian financial institutions in 2.5 hours.

Victim
C&M Software (Pix payment infrastructure provider)
Loss
$148.0M
OtherUnknown

Leak at Kaviari

last name, first name, gender date of birth email address, postal address phone number username, password customer number order history

Victim
Kaviari
OtherUnknown

Leak at Pulsy

last name, first name gender date of birth, place of birth postal address phone email medical data care pathway date and locations of hospitalisations

Victim
Pulsy
OtherUnknown

Leak at MAIF & BPCE

name, gender, date of birth, marital and professional status, postal address, email address, phone number, income, assets, member number

Victim
MAIF & BPCE
OtherUnknown

Leak at Intersport

3.4 million transaction number invoice number PayPal reference number transaction code start date / end date of the transaction debited or credited transaction gross amount of the transaction payer account number buyer's username delivery and billing address user ID first and last name, payment source loyalty card number

Victim
Intersport
Data breachContained

Yale New Haven Health data breach (2025)

Suspicious network activity at Yale New Haven Health led to the largest U.S. healthcare data breach of 2025: 5.5 million patients had names, contact details, dates of birth, medical record numbers, and Social Security numbers stolen. The health system later agreed to an $18 million class-action settlement.

Victim
Yale New Haven Health System
Loss
$18.0M
Records
5.6M
OtherUnknown

Leak at École Nationale de la Sécurité

30,000 people title, first name, last name date of birth address phone, email city and country of birth nationality social security number Pôle Emploi number VTC card number qualification, education level

Victim
École Nationale de la Sécurité
OtherUnknown

Leak at Nord Emploi

last name, first name phone address recipient number referring organisation RSA & CAF form CV rights opening date deregistration date personalised project notification support arrangements illiteracy status ability to use computer tools childcare solution support from a professional network number of applications professional life associative and professional experience training, skills targeted occupations interests language certification office tools proficiency driving licence

Victim
Nord Emploi
OtherUnknown

Leak at AIDES

name, first name date of birth postal address, phone, email address IBAN social security number health check-up result

Victim
AIDES
Data breachContained

Telefónica Hellcat infostealer-to-Jira breach (Spain, 2025)

Infostealer malware on the endpoints of 15+ Telefónica employees gave the Hellcat ransomware group credentials into the company's internal Jira ticketing system. Social-engineering escalated the access to SSH. The group did not extort — it publicly published 2.3 GB including 24,000 employee emails, 470,000 internal Jira tickets, and 5,000 internal documents.

Victim
Telefónica
Records
500.0K
OtherUnknown

Data leak at SFR

3.6 million customers first name, last name email address postal address, postal code, city date of birth, department of birth phone number 150,000 IBANs

Victim
SFR
OtherUnknown

Leak at Auchan

name, first name email address, postal address phone number family composition date of birth loyalty card number, kitty amount

Victim
Auchan
OtherUnknown

Leak at Mediboard

750,000 patients: first and last name, date of birth and date of death, gender, phone number, attending physician, medical prescriptions, external identifier, care history

Victim
Mediboard
OtherUnknown

Leak at Picard

45,000 people last name, first name date of birth email address postal address phone number loyalty card number loyalty points discount vouchers order history receipts shopping list favourite purchases

Victim
Picard
OtherUnknown

Leak at Free

5.1 million people last name, first name date of birth place of birth email address postal address IBAN subscriber identifier subscribed plan type subscription date active subscription or not

Victim
Free
EspionageContained

Salt Typhoon US telecom espionage campaign (2024)

China-linked Salt Typhoon infiltrated at least nine U.S. telecom providers — Verizon, AT&T, T-Mobile, Spectrum, Lumen, Consolidated, Windstream — including the CALEA lawful-intercept systems used for court-authorised wiretaps. Metadata for over a million users was exposed; the U.S. Treasury sanctioned a linked PRC contractor.

Victim
U.S. telecommunications providers (Verizon, AT&T, T-Mobile, Spectrum, Lumen, Consolidated Communications, Windstream)
OtherUnknown

Leak at RED by SFR

Several tens of thousands of customers last name, first name email address postal address phone number IBAN plan type SIM card identifier smartphone identifier

Victim
RED by SFR
Credential stuffingRansom paid

AT&T Snowflake call-records breach

AT&T disclosed that attackers used credentials stolen by infostealers to authenticate into its Snowflake cloud-data-warehouse tenant — which lacked MFA — and exfiltrated call and text metadata covering nearly all 110 million AT&T wireless customers.

Victim
AT&T Communications
Loss
$200.0M
Records
110.0M
RansomwareContained

Indonesia PDNS Brain Cipher (LockBit 3.0) ransomware (2024)

Brain Cipher — a Lockbit 3.0–derived ransomware — encrypted Indonesia's Temporary National Data Center (PDNS), paralysing 282 government digital services from immigration to passport issuance for weeks. Attackers demanded $8M; the government refused. Brain Cipher subsequently released a decryptor free of charge, with an apology.

Victim
Pusat Data Nasional Sementara (PDNS), Indonesia
Credential stuffingContained

Snowflake customer-account credential-stuffing campaign (UNC5537, 2024)

A threat cluster tracked as UNC5537 / ShinyHunters used credentials harvested by infostealer malware to log into ~160 Snowflake customer tenants that lacked MFA. Victims included AT&T, Ticketmaster, Santander, LendingTree, Advance Auto Parts, Neiman Marcus, and Bausch Health. Ticketmaster alone exposed data for ~560 million users.

Victim
Snowflake customer tenants (~160 organisations: AT&T, Ticketmaster, Santander, LendingTree, Advance Auto Parts, Neiman Marcus, Bausch Health, et al.)
Records
560.0M
OtherUnknown

Data leak at Ticketmaster

560 million people first name, last name email address postal address phone number transaction history order details banking information (last 4 digits of the saved card and expiry date)

Victim
Ticketmaster
RansomwareContained

Westpole LockBit ransomware — Italian PA outage (2023)

LockBit 3.0 encrypted the data centres of Italian cloud provider Westpole, taking down PA Digitale's Urbi platform — which serves 1,300 Italian public administrations including 540 municipalities, the Quirinale presidency, ISTAT, the Bank of Italy, and the Ministry of Environment. Payroll, citizen services, and local-government workflows were degraded for weeks.

Victim
Westpole / PA Digitale (Urbi platform)
RansomwareContained

ICBC Financial Services LockBit ransomware (2023)

LockBit ransomware disrupted the U.S. broker-dealer arm of the world's largest bank, ICBC, jamming settlement of over $9 billion in U.S. Treasury trades. Bank staff sent critical settlement details by USB stick via a messenger across Manhattan. $62 billion of Treasuries failed to deliver in one day.

Victim
ICBC Financial Services (U.S. broker-dealer of Industrial and Commercial Bank of China)
Loss
$9.00B
RansomwareRansom paid

Caesars Entertainment Scattered Spider ransom payment (2023)

Scattered Spider impersonated a Caesars employee on a call to a third-party IT support vendor and convinced the vendor to grant Okta credentials, then exfiltrated customer loyalty data including SSNs and driver's licences. Caesars paid roughly $15 million ransom; the FBI later froze a substantial portion of the funds with Chainalysis assistance.

Victim
Caesars Entertainment
Loss
$15.0M
RansomwareContained

Xplain Play ransomware and Swiss federal documents leak (2023)

Play ransomware breached Swiss IT services provider Xplain, exfiltrating 1.3 million files. Approximately 65,000 documents belonging to the Swiss Federal Administration — including classified content, personal data, and readable passwords — were published on Play's dark-web leak site in June 2023.

Victim
Xplain (Swiss IT services provider to the Federal Administration)
Records
1.3M
EspionageContained

Microsoft Storm-0558 signing-key theft and US government email access (2023)

China-based Storm-0558 forged authentication tokens using a stolen Microsoft consumer signing key and read email at approximately 25 organisations — including the US State Department, the Department of Commerce, and the U.S. Ambassador to China. The 'cascade of errors' that enabled it became a defining case for cloud-provider key custody.

Victim
Microsoft customers (US State Department, Department of Commerce, ~25 organisations)
RansomwareContained

Indigo Books LockBit ransomware

LockBit affiliates encrypted Canada's largest bookseller, taking the website and in-store payment systems offline for weeks. Indigo publicly refused the ransom; LockBit published employee personal data.

Victim
Indigo Books & Music Inc.
Loss
$40.0M
Records
5.0K
RansomwareContained

AIIMS Delhi ransomware

Ransomware encrypted the All India Institute of Medical Sciences in New Delhi — India's most prestigious public hospital — taking patient registration and clinical records offline for two weeks during peak winter patient load.

Victim
All India Institute of Medical Sciences (AIIMS) New Delhi
Loss
$15.0M
WiperContained

Albania HomeLand Justice destructive wiper (Iran MOIS, 2022)

Iran's Ministry of Intelligence and Security, operating as 'HomeLand Justice', spent 14 months dwelling in Albanian government networks before launching ransomware-style file encryption and disk-wiping malware. Albania suspended online public services and became the first country in history to sever diplomatic ties with another state over a cyberattack.

Victim
Government of Albania
RansomwareContained

Conti ransomware attack on the Government of Costa Rica

Conti encrypted 27 Costa Rican government institutions including the Ministry of Finance, paralyzing tax collection and customs for months. President Chaves declared a national emergency — the first cyber-incident state of emergency in history.

Victim
Government of Costa Rica (27 institutions incl. Ministry of Finance, Customs, Social Security)
Loss
$130.0M
WiperContained

Viasat KA-SAT AcidRain wiper

One hour before Russia's invasion of Ukraine, Sandworm operators deployed the AcidRain wiper against Viasat KA-SAT satellite modems, bricking ~30,000 European terminals and 5,800 German wind turbines and disabling Ukrainian military command-and-control.

Victim
Viasat KA-SAT (subscribers across Ukraine and Europe)
Loss
$100.0M
Data breachContained

Argentina RENAPER national ID database breach (2021)

An attacker used a compromised government VPN account to query Argentina's RENAPER national ID database for all 45 million Argentines. Photos and ID details for the president, soccer star Lionel Messi, and other public figures were posted to Twitter as proof. The data went on sale on a dark-web forum.

Victim
Registro Nacional de las Personas (RENAPER), Argentina
Records
45.0M
RansomwareContained

Hillel Yaffe Medical Center DeepBlueMagic ransomware (Israel, 2021)

DeepBlueMagic ransomware — attributed by Israeli officials to a Chinese criminal group — hit Hillel Yaffe Medical Center in Hadera, becoming the first known successful ransomware attack on an Israeli healthcare entity. Recovery extended for months. Israeli authorities subsequently reported a wave of follow-on attempts against nine more hospitals.

Victim
Hillel Yaffe Medical Center
RansomwareContained

Transnet 'Death Kitty' ransomware (South Africa, 2021)

A ransomware attack on South Africa's state-owned logistics firm Transnet shut down operations at Durban, Ngqura, Port Elizabeth and Cape Town container terminals, forcing the operator to declare force majeure. Durban — 60% of Southern Africa's containerised trade — reverted to paper-based clearance for cargo for a week.

Victim
Transnet SOC (state-owned freight & port operator)
RansomwareContained

HSE Ireland ransomware (Conti)

Conti ransomware paralysed Ireland's Health Service Executive, forcing cancellation of outpatient appointments nationwide for weeks. Conti released the decryptor for free; recovery still cost an estimated €100M+.

Victim
Health Service Executive (HSE) of Ireland
Loss
$130.0M
Records
700.0K
Supply chainContained

SolarWinds SUNBURST supply-chain compromise (Cozy Bear)

Russian SVR operators trojanized SolarWinds Orion build infrastructure, distributing a backdoored update to 18,000 customers including the U.S. Treasury, Commerce, DHS, State, and Energy departments. The defining state cyberespionage operation of the decade.

Victim
SolarWinds (Orion customers — ~18,000 organisations including 9 U.S. federal agencies and Microsoft, FireEye, Mimecast)
Loss
$100.00B
Data breachContained

Vastaamo psychotherapy data breach and patient extortion (Finland, 2020)

Records on approximately 33,000 patients of Finnish psychotherapy provider Vastaamo were stolen in 2018 from an unencrypted database with no root password. After failed company-extortion in October 2020, the attacker sent ransom demands to ~30,000 patients directly. Founder later acquitted; Aleksanteri Kivimäki convicted and sentenced to 6 years 3 months.

Victim
Vastaamo (Finnish psychotherapy centre)
Loss
$670.0K
Records
33.0K
RansomwareRansom paid

Maastricht University Clop ransomware (Netherlands, 2019)

TA505 used Clop ransomware to encrypt 267 Maastricht University servers over Christmas 2019 after two phishing emails on 15–16 October had compromised the network. The university paid 30 BTC (~$220,000). The ransom Bitcoin — later seized from a money mule — was returned and had appreciated, leaving the university ahead by ~$300,000.

Victim
Maastricht University
Loss
$220.0K
Insider threatResolved

Desjardins insider data breach

An insider at Desjardins — the largest financial cooperative in Canada — exfiltrated personal data on 9.7 million members and businesses over two years before being caught. The defining Canadian insider-threat case.

Victim
Desjardins Group
Loss
$100.0M
Records
9.7M
EspionageResolved

Marriott / Starwood guest data breach

Chinese state-attributed operators sat undetected on Starwood's guest reservation database from 2014, surviving Marriott's 2016 acquisition. Disclosed 2018: 500 million guest records exposed, including 5.25 million unencrypted passport numbers.

Victim
Marriott International / Starwood Hotels & Resorts
Loss
$200.0M
Records
500.0M
EspionageContained

SingHealth data breach

Chinese state-attributed actors exfiltrated personal and outpatient medication records on 1.5 million SingHealth patients — including Prime Minister Lee Hsien Loong — in Singapore's most serious cyber incident.

Victim
Singapore Health Services (SingHealth)
Loss
$7.5M
Records
1.5M
private-keystolen

Coincheck NEM heist

Tokyo-based cryptocurrency exchange Coincheck lost 523 million NEM tokens (~$530M at the time) from a hot wallet that had no multi-signature protection. The largest single crypto-exchange theft at the time — later attributed to North Korea's Lazarus Group.

Victim
Coincheck Inc.
Loss
$530.0M
Data breachUnknown

Aadhaar database exposure

Tribune India journalists demonstrated that paid intermediaries could provide full Aadhaar records — including biometric-linked identity data on roughly 1.1 billion Indian residents — for 500 rupees per record.

Victim
Unique Identification Authority of India (UIDAI) / Aadhaar
Records
1.10B
EspionageResolved

Democratic National Committee hack

Russian GRU Units 26165 (APT28) and 31165 (APT29) compromised the Democratic National Committee, Hillary Clinton campaign, and DCCC. Stolen emails were selectively released via 'DCLeaks', 'Guccifer 2.0', and WikiLeaks to influence the 2016 U.S. presidential election.

Victim
Democratic National Committee + Clinton campaign + DCCC
Loss
$50.0M
Records
50.0K
EspionageContained

Ukraine power grid attack — Sandworm BlackEnergy (2015)

The Russia-linked Sandworm group used spear-phishing, BlackEnergy3, and KillDisk to remotely flip breakers at three Ukrainian regional electricity distribution companies, cutting power to approximately 230,000 customers for 1–6 hours. It is the first publicly acknowledged successful cyberattack on an electric power grid in history.

Victim
Ukrainian regional electricity distribution companies (Oblenergos)
EspionageResolved

German Bundestag intrusion (APT28)

Russian GRU Unit 26165 (APT28 / Fancy Bear) compromised the Bundestag's parliamentary network, exfiltrating ~16 GB of data including emails from Chancellor Merkel's parliamentary office. Forced a full Bundestag IT estate rebuild.

Victim
Deutscher Bundestag (German federal parliament)
Loss
$22.0M
WiperResolved

Sony Pictures Entertainment hack

A North Korean wiper attack tied to the release of 'The Interview' destroyed roughly half of Sony Pictures' IT estate and leaked terabytes of internal documents, emails, and unreleased films.

Victim
Sony Pictures Entertainment
Loss
$100.0M
Records
1.0M
Supply chainResolved

Target POS malware breach

Attackers entered Target via stolen credentials from an HVAC contractor, pivoted to the payment network, and stole magstripe data on 40 million credit and debit cards plus PII on 70 million customers.

Victim
Target Corporation
Loss
$292.0M
Records
110.0M
WiperContained

Saudi Aramco Shamoon wiper

Iranian-attributed Shamoon wiper destroyed data on roughly 30,000 Saudi Aramco workstations on a single day, taking the world's largest oil company's IT estate offline for two weeks. The first major Iranian retaliatory cyber operation.

Victim
Saudi Aramco
Loss
$200.0M
WiperResolved

Stuxnet (Operation Olympic Games)

U.S. and Israeli intelligence services jointly developed and deployed Stuxnet — the first widely-known cyber weapon to cause physical damage. The worm targeted Iran's Natanz uranium enrichment facility and destroyed approximately 1,000 IR-1 centrifuges over 2009–2010.

Victim
Natanz uranium enrichment facility (Iran)
Loss
$100.0M