Here is a quick summary of recent major cyber attacks:

SolarWinds 2020
A breach of United States government digital assets which went undetected for many months. The threat actors employed all kinds of techniques once they initially gained access, and the affected areas reached across countries.

Direct costs are hard to estimate, though the indirect costs are huge. For example, the idea that the US government could be hacked, and remain undetected for months, by a foreign adversary would have been hard to fathom prior to this attack.

British Library 2023
This breach happened in 2023 and continues to affect the British Library. The attack was carried out by a hacker group who demanded a ransom, which the British Library refused to pay. The hacker group then leaked stolen data to the dark web.

Direct costs of this attack are in the tens of millions of dollars, as the library continues to repair the issue. Indirect costs are mainly on the users, who are not able to access library resources.

LastPass 2022
An employee laptop was compromised which led to the theft of code and customer data.

The company’s response was slow and glossed over the significance of the issue. The biggest cost was likely indirect as a major reputation hit to the company, which whole existence depends on the trust that customers have that the company can keep their sensitive information safe.