Cybersecurity Incidents and NIST Functions

Attackers gained control of high-profile Twitter accounts to post a cryptocurrency scam, exploiting phishing to access internal tools.

A breach exposed personal data of 147 million Americans due to a known vulnerability in Apache Struts.

A ransomware attack disrupted fuel supplies, exploiting a compromised VPN password without multi-factor authentication.

Attackers injected malware into SolarWinds updates, compromising U.S. government and Fortune 500 networks.

A hacker tricked an employee into approving MFA requests, accessing internal systems and leaking data.

Attackers compromised an HVAC vendor to install malware on POS terminals, stealing 40 million credit card numbers.

Yahoo suffered multiple breaches affecting 3 billion accounts, leading to fines and reputational damage.

A long-running breach in Starwood’s system led to the exfiltration of guest data before Marriott realized.

NotPetya malware wiped data from thousands of businesses, causing billions in damages due to weak backup strategies.