The Parity wallet bug from 2017 is the classic example so far, where someone who was just messing around with the smart contract 'accidentally' locked up $280m in assets[1]. I've linked to the GitHub thread below...this person didn't get anything from the exploit, and it wasn't for street cred (they deleted their account).