Infosecurity Europe
3-5 June 2025
ExCeL London

The Top 10 Biggest Cyber-Attacks

This article reviews 10 cyber-attacks that had significant real-world impact

The impact of cyber-attacks is often hard to quantify and estimates generally tend to focus on the financial costs of incidents – to the individual organization and the wider economy.

However, recent years have demonstrated that cyber-attacks can result in significant human impacts alongside financial harm – from disrupting everyday life to personal health and safety.

This article sets out 10 occasions that cyber-attacks severely impacted the lives of ordinary citizens, highlighting the growing link between the cyber and physical worlds.

Ukraine Power Grid Attacks

In December 2015, during the heart of winter, Russian threat actors compromised power distribution companies in western Ukraine, leading to a power outage for more than 230,000 residents.

The threat actors also reportedly flooded customer services phone lines with calls to prevent customers from reporting the incident, which lasted a number of hours.


The notorious WannaCry ransomware attack that occurred in May 2017 reportedly affected more than 300,000 victims globally. In the UK, the National Health Service (NHS) was heavily impacted, with over 19,000 appointments and operations estimated to have been cancelled as a result of IT systems being locked down. A subsequent analysis by Nature found that hospitals directly infected with the ransomware had significantly fewer emergency and elective admissions, demonstrating there was significant patient harm.

The attack could have been far more severe, however, if a researcher hadn’t discovered a “kill switch” that ended the attack. The UK government, Microsoft and others blamed North Korea for the devastating attack.

Travelex Forced into Administration

Foreign exchange firm Travelex was forced into administration in the summer of 2020, with a cyber-attack in December 2019 cited as a significant factor by the administrators, PwC.

This resulted in over 1300 jobs immediately being cut, but the company has since recovered to continue operating.

A Recorded Fatality

A tragic case still making its way through the courts in the US alleges that the death of an infant is the first recorded fatality caused by a ransomware attack.

In this case, a baby was born with her umbilical cord wrapped around her neck, a problem that has purportedly led to brain damage and her death several months later. Although foetal heart monitors would have usually picked up the issue, it was reported that medical staff could not access these from the usual location as a display had been locked by cybercriminals.

The lawsuit contends that if the infant’s mother had been aware of the extent of the technology outage at the hospital, she would have chosen to have her baby elsewhere.

United Health Services Attack 

The Fortune 500 healthcare organization was forced to pull the plug on key systems in the US after falling victim to a Ryuk ransomware attack in September 2020. This resulted in acute care and other patient services being impacted, including ambulance traffic being diverted to facilities run by competitors.

The incident reportedly cost United Health Services $67m in losses.

Cancer Patients Diverted Following MedTech Attack

Scores of US hospitals were impacted by an attack on oncology and radiology system provider Elekta in April 2021, with one report claiming 42 hospitals and clinics suffered service disruptions. In addition to sensitive patient data being exposed, the incident caused treatments to be delayed for a number of cancer patients across the US.

Elekta is currently facing a class-action lawsuit for allegedly failing to have adequate cybersecurity controls.


Colonial Pipeline

The ransomware attack on Colonial Pipeline, the company running the US’ largest fuel pipeline, in May 2021, led to dramatic scenes of snaking lines of cars at gas stations across the East Coast, along with Americans filling bags with fuel in panic. There was also disruption at some airports, with many airlines experiencing a jet fuel shortage.

The shortages also led to rising fuel prices for several days.

Colonial Pipeline paid $4.4m worth of cryptocurrency to the DarkSide gang to be able to resume operations. However, US authorities were able to seize the majority of the funds paid to the attackers by tracking the Bitcoin transfers to a specific address.

HSE Attack

The body responsible for health services in Ireland, HSE Ireland, was hit by a ransomware attack in May 2021, which saw its IT systems taken offline and a number of hospital appointments cancelled. Shortly after, the attackers said they would provide the decryption tool free of charge but still threatened to publish data it claimed to have stolen during the incident unless a ransom payment was given.

The attack had a huge impact on patients, with healthcare services severely disrupted throughout the country, and the private data of thousands of individuals who received the COVID-19 vaccine was exposed. It was reported that delayed diagnosis due to the attack could cut short the lives of some patients.

The attack was believed to have been perpetrated by Russia-based actor Conti.

JBS Attack

The world’s largest meat processor, JBS, was forced to pull the plug on its critical servers after an organized cyber-attack on its IT systems, perpetrated by the REvil ransomware gang.

The firm supplies more than a fifth of all beef in the US and was forced to temporarily halt all its operations in the region. The attack reportedly caused a disruption to meat supplies and an uptick in meat prices.

JBS later confirmed it had paid its extorters an $11m ransom to enable it to resume operations.

Kaseya Supply Chain Attack

The attack on US software supplier Kaseya in July 2021 was believed to have impacted 1500 organizations globally. Among the victims were schools, supermarkets and a national railway, resulting in significant real-world impacts for citizens.

The supply chain attack was another perpetrated by REvil. The US justice department announced it had charged a suspect over the attack in November 2021, with the suspect extradited to the country in March 2022.

Enjoyed this article? Make sure to share it!

Looking for something else?