2026 continues the year-over-year growth trend in confirmed disclosures. The list below updates as new breaches are reported by Verizon DBIR partners and major security news outlets.
Broadcom VMware Aria Operations Command Injection Vulnerability — Broadcom VMware Aria Operations formerly known as vRealize Operations (vROps) contains a command injection vulnerability that allows an unauthenticated at
670K employee and project records from energy division exposed via CL0P exploitation
Ariomex database reveals potential sanctions evasion and capital transfers tied to Iranian actors
712,904 records exposed — Email addresses, Usernames
Federal judges, DOJ attorneys, SEC staff data accessed — 118 .gov accounts compromised
Qualcomm Multiple Chipsets Memory Corruption Vulnerability — Multiple Qualcomm chipsets contain a memory corruption vulnerability while using alignments for memory allocation.
2.1M workspace messages and uploaded files exfiltrated from compromised enterprise workspace
495,556 records exposed — Display names, Email addresses, Profile photos
1,060,191 records exposed — AI prompts, Email addresses, Forum posts, Names
22,874 records exposed — Email addresses, Partial dates of birth, Usernames
420K immigration applicant records accessed via compromised case management portal
210K luxury retail customer records exposed
Employee and partner data exposed in warehouse management system breach
450K employee and operations records compromised
340K transaction records compromised
280K customer and pipeline records exposed
340K patient records compromised
780K customer records compromised in supply chain attack
3.1M Medicaid and Medicare patient records exfiltrated via compromised claims portal
International law enforcement operation led by Europol targets network of teenagers and young adults involved in ransomware attacks, extortion and other crimes
560K insurance policyholder records compromised via ransomware attack on claims system
6,077,025 records exposed — Bank account numbers, Customer service comments, Dates of birth, Driver's licenses and 7 more
920K customer records and server configurations exposed via compromised management portal
Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability — Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, contain an authenti