Live disclosure tracker · updated continuously

2026 Data Breaches Year-to-Date

2026 continues the year-over-year growth trend in confirmed disclosures. The list below updates as new breaches are reported by Verizon DBIR partners and major security news outlets.

98B+
Records Exposed
1184
Incidents
94+
Countries
+104%
Breach Velocity YoY
Browse by sector
All breaches Healthcare Finance Government Technology Retail Education Legal
Browse by year
2024 2025 2026 ★ Worst of 2026

2026 Data Breaches Year-to-Date (1184 indexed)

high · healthcare · May 22, 2026

Hackers steal patient and billing

Daryna Antoniuk reports: German university hospitals are grappling with a large-scale patient data breach after unknown hackers targeted an external billing service provider used by medical centers across the country, ac

View incident → Original disclosure Indexed 1 month, 1 week ago
medium · government · May 22, 2026

Proposed State Laws For Breach

Joseph Lazzarotti of JacksonLewis writes: State breach-notification laws continue to evolve, and legislatures are using 2026 sessions to tighten consumer protections and shift the civil liability landscape that often fol

View incident → Original disclosure Indexed 1 month, 1 week ago
high · tech · May 22, 2026

Drupal Core

Drupal Core SQL Injection Vulnerability — Drupal Core contains a SQL injection vulnerability that could allow for privilege escalation and remote code execution via specially crafted requests sent with the database abstr

View incident → Original disclosure Indexed 1 month, 1 week ago
critical · finance · May 22, 2026

Identity as the primary attack

The “retro” way “The thing about the old days is… they are the old days” – Slim Charles, The Wire Protecting a specified network perimeter was the main focus of enterprise security strategy for several decades. Bus

View incident → Original disclosure Indexed 1 month, 1 week ago
high · tech · May 21, 2026

Langflow Langflow

Langflow Origin Validation Error Vulnerability — Langflow contains an origin validation error vulnerability in which an overly permissive CORS configuration combined with a refresh token cookie configured as SameSite=Non

View incident → Original disclosure Indexed 1 month, 1 week ago
medium · other · May 21, 2026

Google accidentally

Google has accidentally leaked details about an unfixed issue in Chromium that keeps JavaScript running in the background even when the browser is closed, allowing remote code execution on the device. [...]

View incident → Original disclosure Indexed 1 month, 1 week ago
critical · other · May 21, 2026

Operation Saffron

Bitdefender reports: An international law enforcement operation led by France and the Netherlands dismantled First VPN, a cybercriminal anonymization service used by ransomware actors, fraudsters, and data thieves across

View incident → Original disclosure Indexed 1 month, 1 week ago
high · tech · May 21, 2026

Trend Micro Apex One

Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability — Trend Micro Apex One (on-premise) contains a directory traversal vulnerability that could allow a pre-authenticated local attacker to modify a key tab

View incident → Original disclosure Indexed 1 month, 1 week ago
critical · other · May 20, 2026

GitHub

Github, which hosts code for more than 100 million developers worldwide, confirmed the breach on social media after TeamPCP advertised stolen source code on a cybercrime forum.

View incident → Original disclosure Indexed 1 month, 2 weeks ago
high · tech · May 20, 2026

Microsoft Internet Explorer

Microsoft Internet Explorer Use-After-Free Vulnerability — Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code via vectors involving access to

View incident → Original disclosure Indexed 1 month, 2 weeks ago