INFO News Dark Reading

Boulevard of Broken Dreams: 2 Decades of Cyber Fails

Since 2006, Dark Reading has been at the forefront of covering cybersecurity, providing deep insights and analysis beyond the headlines. All those major news events? We were there. Shifts in technology trends? We wrote about them. Enjoy this special anniversary coverage celebrating where we've been and what's next.

From CrowdStrike's outage and SIEM's longevity to epic business blunders and the jaded reality of living in a post-breach world, Dark Reading looks back at the mistakes, miscalculations, systemic failures, and cringeworthy moments that still have us shaking our heads.

Dark Reading Editorial Team
May 18, 2026
29 Min Read

Things started off so brightly: we were supposed to have nice things. SIEMs were supposed to be replaced by something much awesomer; connected Internet of Things (IoT) devices were supposed to be fun and useful and not a lurking threat in millions of homes; law enforcement’s cybercrime takedowns were supposed to last; and people’s private information was supposed to stay, well, private.

Specific businesses have had their share of dreams too: Symantec had high hopes for its certificate authority, Mt. Gox was once a shining example of frontier tech ingenuity, and CrowdStrike wasn't always seen as a crucial choke point for operations.

But alas, those visions of a happy cyber world where things go the right way most of the time were not to be. The road since 2006 is much darker, and littered with stories of operational failures, systemic cyber malaise, and preventable misery in the form of simple hacks that cause complex damage.

As part of our special 20th anniversary coverage, we're recapping some of the biggest cyber fails of that time period (in a process that's becoming a bit of a tradition). We expect there to be debate about these, so after you're done motoring down this avenue of lowlights, hit up Dark Reading on LinkedIn or other socials to weigh in on your favorite cyber horror stories — or reminisce about the ones we've included here.
Equifax, Experian, Anthem, et al: Data Breach Fatigue Leads to Apathy

Another day, another data breach headline. At this point, does it even matter? We've reached peak data breach jadedness; the announcement of yet another massive exposure of sensitive personal information elicits little more than a collective shrug — and perhaps a performative password change.

The harsh reality is that any adult with a credit history, bank account, or health insurance has had their information (and Social Security numbers) stolen multiple times at this point. The Equifax breach in 2017 affected 143 million individuals, and the Anthem breach in 2015 affected almost 80 million. Tricare in 2011 and Community Health Systems in 2014 were smaller (5 million each) but were no less significant. Experian had multiple breaches over the years (including when an Experian entity sold data to an identity theft ring). More recently, the Change Healthcare ransomware attack compromised data belonging to 100 million people. And with data stolen from educational institutions and healthcare facilities, kids are not exempt.

It's no longer a question of "if" the data will be stolen. The more relevant question is how many criminal databases have that data. The Identity Theft Resource Center, which tracks publicly reported data breaches in the United States, reported 3,322 security incidents in 2025, with almost 279 million victim notices sent. ITRC tracked 321 incidents in 2006. That's a lot of offers for free credit monitoring.

Enter the jadedness: A Varonis survey last year found that 64% of surveyed American adults never checked whether they were affected when hearing about a data breach. And there don't seem to be long-lasting repercussions for companies that lose control of their data. Stock prices dip before rebounding. This is no longer breach fatigue. It's apathy.
"Data breaches haven't mattered for a long time because the impact on an individual, in a general sense, is low compared to the value the person receives from using these [breached] services in the first place," says Tyler Shields, CMO of Allstacks and former analyst at Enterprise Strategy Group. "It's all risk evaluation math. If my value is greater than the perceived risk, do it anyway."

In other words, this is the post-data breach era, where everyone's information has already been stolen, and we've all just learned to live with it.

MOVEit Fiasco: A Lone SQL Bug Exposes 100M Records

One of the most impactful security incidents (or series of incidents) of the past five years was the rampant exploitation of CVE-2023-34362, an SQL injection flaw in Progress Software's MOVEit Transfer managed file transfer (MFT) software used by thousands of companies. Enormous data breaches across healthcare, finance, government sectors, and more impacted almost 100 million individuals, whose data was exposed from third-party systems.

Progress Software disclosed the zero-day vulnerability on May 31, 2023, and while patches weren't available immediately, the company provided mitigation instructions and published a patch later that day. Threat actors, especially the Cl0p ransomware gang, compromised droves of organizations (including downstream compromises) in a series of low-effort, data-theft extortion attacks. These attacks were an apparent windfall for Cl0p to the tune of at least $75 million.

John Hammond, senior principal security researcher at Huntress, tells Dark Reading that the follow-on attacks from CVE-2023-34362 created a supply chain attack that was destructive on a historic scale.

"In 2023, the exploitation of the MOVEit Transfer software was one of many large-scale incidents of what was then an emerging trend: hackers compromising managed file transfer solutions," he says. "The attack itself was 'point-and-shoot' — a hacker didn't need anything more than an IP address or host name to fully compromise a vulnerable system, and the Russia-affiliated CL0p ransomware gang took full advantage of that."

The failure here was twofold. Although zero-days will happen and vendors can be granted a bit of grace, CVE-2023-34362 is an SQL injection flaw — one of the oldest kinds of vulnerabilities and one of the easiest for internal code scanning to catch. The second is that while many defenders and organizations acted quickly to patch and get the word out, many also failed to do so. Compromises and breach disclosures continued for months after initial discovery, and the entirety of the immense toll it took on organizations did not become clear for months after attacks began.

The security community has hopefully learned from these failures — now getting ahead of potentially monumental supply chain threats — but the MOVEit Transfer attacks go down in cyber history for the destruction left in their wake.

'Death of the SIEM' (Still) Greatly Exaggerated

Despite nonstop predictions of its demise, the ubiquitous security information and event management (SIEM) platform just won't give up the ghost. None of the emerging technologies touted as replacing it in the security operations center (SOC) managed to succeed: First it was security orchestration automation and response (SOAR); then extended detection and response (XDR); behavioral analytics; big data; and now of course, agentic AI. But rather than supersede the SIEM, many of these tools instead have been blended or integrated into it.

"SIEM hasn't died because compliance won't let it," says Jesse Whaley, president and CISO/CTO at consultancy Digital Cyber Forge. "FedRAMP, CMMC [Cybersecurity Maturity Model Certification], PCI DSS, [and] SOC 2 all treat log aggregation and correlation as a control requirement, not a preference. You can't kill infrastructure that auditors mandate. That's the part nobody says out loud."

But the cost of ownership, plus the emergence of new AI functions, could eventually kill the stubbornly persistent platform — at least in the form we know it as today. While the SIEM's superpower has long been its co