The 10 Most Devastating Cyberattacks of the Past Two Years — And What They Mean for SMBs

Updated: Jun 27

From weaponized software updates to telecom meltdowns, 2023–2025 have witnessed some of the most disruptive cyberattacks of our time. While headlines focus on corporations and governments, the ripple effects are equally damaging to small and medium-sized businesses tied to the same infrastructure.

 

1. MOVEit Data Breach (May–June 2023) 

What Happened: Cl0p exploited a zero-day vulnerability in the MOVEit file transfer tool.

Impact: Over 2,700 businesses and 93 million individuals exposed. 

Takeaway: Even tools used indirectly by SMBs can be the Achilles' heel of your cybersecurity. 


2. British Library Ransomware (Oct 2023) 

What Happened: The Rhysida gang hit the UK’s largest public library.

Impact: 600 GB exposed; ~£6–7 million recovery cost, eroding its entire reserve. 

Takeaway: Not only tech firms—cultural institutions and local organizations are in the ring. 


3. Kyivstar Telecom Sabotage (Dec 2023) 

What Happened: Sandworm inflicted a nationwide telecom disruption in Ukraine.

Impact: Widespread outages, including emergency alerts; ~$90 million to recover. 

Takeaway: Infrastructure-level attacks break more than headlines—they break operations. 


4. Scattered Spider Hits MGM & Caesars (Sept 2023) 

What Happened: Hackers bypassed MFA by targeting help desks. 

Impact: Casino networks went dark; Caesars paid ~$15 million. 

Takeaway: Social engineering works—no matter your company size or sector. 


5. Boeing LockBit Ransomware (Oct 2023) 

What Happened: A zero-day exploit enabled LockBit to exfiltrate 43 GB from Boeing’s parts systems.

Impact: Stolen data leaked; public threats issued.

Takeaway: Even legacy supply-chain components are targets if they connect to critical systems. 


6. U.S. Telecom Router Attack (Oct 2023) 

What Happened: A firmware backdoor bricked 600,000+ routers in rural America.

Impact: Connectivity blackout in underserved regions. 

Takeaway: Consumer-grade devices can cripple businesses that rely on basic internet. 


7. Lazarus Crypto Thefts (2023) 


What Happened: North Korea–linked group stole >$300 million from crypto platforms. 

Impact: Funds used for weapons programs—cybercrime with global consequences. 

Takeaway: Digital theft funds real-world harm and escalates geopolitical conflict. 


8. Volt Typhoon (2023–2024) 

What Happened: Chinese state-linked hackers infiltrated U.S. ports and utilities. 

Impact: Covert access established, awaiting activation.

Takeaway: Cyber warfare isn't always loud—it can be silent sabotage waiting to strike. 


9. 23andMe Credential Stuffing (Oct 2023) 

What Happened: Reused passwords led to genetic data extraction of ~7 million users. 

Impact: Major privacy breach in biotech. 

Takeaway: Sensitive data doesn't need a massive breach; a few reused passwords will do.


10. WestJet Cyberattack (June 2025)

 

What Happened: Breach led to booking and app downtime. 

Impact: Investigation by RCMP underway. 

Takeaway: Even regional businesses can cause national ripples. 

 

SMB Spotlight: 5 High-Stakes Attacks on Small & Medium Businesses 


It's a myth that only global giants get hit. These 5 SMB-related emergencies show just how destructive targeted attacks can be: 


1. CDK Global — Car Dealership Havoc (June 2024) 

What Happened: BlackSuit ransomware hit CDK, a software provider serving thousands of North American auto dealerships (en.wikipedia.org). 

Impact: Dealership operations frozen; $25 million ransom paid; ~$605 million losses in two weeks. 

Lesson: A single SaaS provider’s compromise can kneecap an entire industry. 


2. London Drugs – Canadian Retail Disruption (May 2024) 

What Happened: LockBit ransomware shut down all 80+ locations (en.wikipedia.org). 

Impact: Stores closed for over a week; no ransom paid; major data leaks. 

Lesson: Local retailers are vulnerable—and costly to recover. 


3. Krispy Kreme – E-commerce Outage (Nov–Dec 2024) 


What Happened: A cyberattack disabled online ordering systems during a marquee promotion (wsj.com, theguardian.com). 

Impact: 16% dip in sales; fintech-supported payouts; insurers-in-play. 

Lesson: Even temporary digital outages hurt revenues and brand perception. 


4. Starbucks Payroll Disruption (Nov 2024) 

What Happened: Blue Yonder supply-chain breach halted payroll systems (nypost.com). 

Impact: Staff resorted to pen-and-paper; pay accuracy threatened. 

Lesson: Downtime in non-customer systems still spells risk—for employees, morale, and brand trust. 


5. Munster Technological University – Campus Lockdown (Feb 2023) 

What Happened: BlackCat ransomware forced closure of Cork campuses, affecting university operations (en.wikipedia.org). 

Impact: Classes canceled; confidential data published; long-term disruption. 

Lesson: SMBs such as educational institutions face operational collapse—even without profit motives. 

 

What This Means for Your Business 


  • You're in the crossfire. Most SMBs don't simply survive an attack; they collapse afterward.

  • Vicinity matters. Even a SaaS provider or local vendor breach can devastate your operations. 

  • Downtime costs more than ransom. Reputational damage, lost income, and legal fallout are just the tip of the iceberg. 

 

Defend Your SMB: Simple Steps to Cyber Resilience 


  1. Audit Your Digital Footprint: Map every device, vendor, and software connection.

  2. Enforce Patching & Updates: Keep cars, routers, thermostats, and printers secure.

  3. Segment & Monitor Networks: Isolate IoT from sensitive systems and watch for anomalies.

  4. Human Firewall Training: Teach your team to spot social-engineering attempts.

  5. Plan for the Worst: Build incident-response plans, even for short-term outages.

 

You Don’t Need to Be a Giant—You Just Need to Be Prepared 


These SMB disasters prove that being small is no shield. Ready to build ironclad digital defences? 

📩 Schedule your tailored cybersecurity assessment today — your operations, reputation, and future depend on it. 

 
 
 

Copyright © Armour Cybersecurity 2024