
The top 10 most costly unsolved cyber breaches of all time

  • Feb 2

Updated: Feb 19

Cybersecurity history is filled with spectacular failures – attacks that wiped out billions in value, crippled global operations, and exposed the personal data of millions. Yet in many of the most damaging cases, the attackers were never conclusively identified, prosecuted, or brought to justice.

Attribution in cyberspace is notoriously difficult. Sophisticated threat actors hide behind layers of anonymity, operate across borders, and exploit gaps in international law enforcement. The result is a growing list of catastrophic breaches that remain technically or legally “unsolved.”


Below are ten of the most financially devastating cyber incidents in history where accountability remains incomplete or unresolved.

 

1. Jaguar Land Rover – 2025

Estimated cost: £1.9 billion+

In early 2025, British automotive giant Jaguar Land Rover was struck by a major cyberattack that forced the shutdown of manufacturing plants across the UK. Production lines ground to a halt, suppliers were impacted, and vehicle deliveries were delayed for weeks.

The total economic damage – including lost revenue, recovery costs, and supply-chain disruption – is believed to exceed £1.9 billion. Despite extensive investigation, the group responsible has never been publicly named, making this one of the most expensive unresolved cyber incidents in corporate history.

 

2. The NotPetya Global Outbreak – 2017

Estimated cost: $10 billion+

Originally disguised as ransomware, NotPetya quickly spread across the world in 2017, destroying data and crippling systems at multinational companies including Maersk, Merck, and FedEx.

Although several governments later attributed the malware to Russian state actors, the attack was never prosecuted and no individuals were ever charged. For the hundreds of companies that suffered enormous financial losses, legal accountability remains non-existent.

From an organizational standpoint, this attack remains effectively unsolved.

 

3. MOVEit Supply Chain Exploit – 2023

Estimated cost: $10 billion+

A vulnerability in MOVEit file transfer software led to one of the largest supply-chain breaches in history. Hundreds of organizations across finance, government, healthcare, and education were compromised.

While certain cybercriminal groups were suspected of involvement, the full ecosystem of attackers was never conclusively identified, and most victims have had no recourse.

With more than 60 million individuals affected worldwide, this incident continues to generate massive legal and remediation costs with little in the way of justice.

 

4. Yahoo Mega Breaches – 2013–2014

Estimated cost: billions in valuation and settlements

Yahoo suffered the largest data breach in history, with up to 3 billion user accounts exposed over two separate incidents.

The breaches severely damaged Yahoo’s brand value and reduced its sale price when acquired by Verizon. While various theories emerged about who was responsible, no definitive prosecutions were achieved.

The sheer scale and long-term financial impact place this among the costliest unresolved breaches of all time.

 

5. Bangladesh Bank SWIFT Heist – 2016

Estimated loss: $101 million

Hackers infiltrated the Bangladesh central bank’s SWIFT payment system and initiated fraudulent transfers worth nearly $1 billion. While most payments were stopped, $101 million disappeared into accounts in the Philippines and Sri Lanka.

Despite years of investigations and lawsuits, the masterminds behind the attack have never been formally prosecuted. Much of the stolen money was never recovered.

The case remains one of the most sophisticated and mysterious cyber-enabled bank robberies ever recorded.

 

6. Bulgarian National Revenue Agency Breach – 2019

Estimated cost: nationwide economic and reputational damage

In 2019, hackers stole sensitive tax and financial data relating to nearly every adult citizen in Bulgaria – around 5 million people.

The breach caused national outrage and enormous remediation expenses for the government, but investigators were never able to conclusively prove who orchestrated the attack.

It remains one of the largest government data compromises in European history with no clear perpetrator.

 

7. The “Mother of All Breaches” (MOAB) – 2024

Estimated impact: incalculable

In 2024, security researchers discovered what they called the “Mother of All Breaches” – a massive online database containing billions of records compiled from hundreds of previous leaks.

The true origin of the data trove remains completely unknown. It is unclear whether it was the work of a single group, multiple actors, or simply an aggregation of years of stolen information.

The potential long-term cost in identity theft, fraud, and corporate liability is almost impossible to calculate, and no one has ever been held responsible.

 

8. Ireland’s Health Service Executive Ransomware Attack – 2021

Estimated cost: hundreds of millions

Ireland’s national health system was brought to its knees by a devastating ransomware attack that disrupted hospitals, cancelled appointments, and compromised patient data.

While investigators linked the attack to known criminal malware families, no central figures were ever arrested or prosecuted. The financial and human impact was enormous, yet accountability remains elusive.

 

9. Critical Infrastructure Attacks with No Attribution

Over the last two decades, numerous cyberattacks have targeted power grids, water systems, and industrial control networks around the world.

Many of these incidents caused millions in damages and significant national disruption, yet due to political sensitivities and technical complexity, they were never officially solved.

These attacks highlight how often major cyber sabotage occurs in the shadows with no public resolution.

 

10. Large-Scale Retail and SME Breaches

Beyond the headline-grabbing cases, countless major retail and financial sector breaches have collectively cost tens of billions of dollars through fraud, card replacement, and legal settlements.

In many of these incidents the hackers were never identified, especially when attacks originated overseas or via complex criminal marketplaces.

The victims paid the price – while the criminals vanished without trace.

 

Why So Many Cyber Breaches Remain Unsolved

Unlike traditional crime, cyber investigations face enormous structural challenges:

  • Attackers can operate from any country in the world

  • Digital forensic evidence is often incomplete or easily erased

  • Hackers use anonymization tools and cryptocurrencies

  • Nation-state actors hide behind proxies

  • International cooperation is slow and politically complex

As a result, even the most catastrophic breaches often end with no arrests, no prosecutions, and no definitive answers.

 

The Harsh Reality

These ten cases demonstrate an uncomfortable truth: in cyberspace, enormous financial damage does not guarantee justice.

For organizations, this means prevention and resilience are far more realistic goals than relying on law enforcement to catch attackers after the fact.

Until global cooperation and cyber attribution capabilities dramatically improve, the world will continue to see multi-billion-dollar cybercrimes where the perpetrators simply walk away.

 

 
 
 
