Zoom Communications (2026)
780K enterprise meeting recordings and transcripts accessed via compromised admin portal
2026 Data Breaches Year-to-Date (645 indexed)
Barclays Bank
780K customer records from wealth management division exposed via insider threat
Brookfield Asset Management
480K investor records from Canadian asset manager exposed via compromised fund admin portal
BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)
BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability — BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)contain an OS command injection vulnerability. Suc
Odido (Dutch Telecom)
6.2M customer records including passport and bank account numbers leaked by ShinyHunters
Fake AI Assistants in Google
Hundreds of thousands of users have downloaded malicious AI extensions masquerading as ChatGPT, Gemini, Grok and others, warn cybersecurity researchers at LayerX
Lockheed Martin (Subcontractor)
Defense subcontractor breach exposes classified program metadata and personnel clearance records
Notepad++ Notepad++
Notepad++ Download of Code Without Integrity Check Vulnerability — Notepad++ when using the WinGUp updater, contains a download of code without integrity check vulnerability that could allow an attacker to intercept or r
World Leaks Ransomware Group Adds
Accenture Cybersecurity warns over difficult to detect, “sophisticated toolset” being deployed as part of extortion campaigns
Delta Air Lines
870K SkyMiles member records and passport data exposed via compromised CrowdStrike integration
Microsoft Configuration Manager
Microsoft Configuration Manager SQL Injection Vulnerability — Microsoft Configuration Manager contains an SQL injection vulnerability. An unauthenticated attacker could exploit this vulnerability by sending specially cra
State of Ohio Unemployment System
890K unemployment claimant records exposed via compromised benefits administration portal
Lyft Inc.
290K driver and rider records exposed via compromised third-party background check vendor
SolarWinds Web Help Desk
SolarWinds Web Help Desk Security Control Bypass Vulnerability — SolarWinds Web Help Desk contains a security control bypass vulnerability that could allow an unauthenticated attacker to gain access to certain restricted
Apple Multiple Products
Apple Multiple Buffer Overflow Vulnerability — Apple iOS, macOS, tvOS, watchOS, and visionOS contain an improper restriction of operations within the bounds of a memory buffer vulnerability that could allow an attacker w
Cerner / Oracle Health
5.9M patient records exposed after legacy Cerner migration database left unsecured on Oracle Cloud
North Korean Hackers Use Deepfake
Campaign combines stolen Telegram accounts, fake Zoom calls and ClickFix attacks to deploy infostealer malware
Walgreens Boots Alliance
2.1M pharmacy patient records exposed via compromised health services vendor
Mastercard (EU Processing)
680K European cardholder records exposed via compromised transaction processing node
Toy Battles
1,017 records exposed — Chat logs, Email addresses, IP addresses, Usernames
“Digital Parasite” Warning as Attackers
Picus Security warns of the increasingly sophisticated ways malicious activity is staying hidden
Association Nationale des Premiers Secours
5,600 records exposed — Dates of birth, Email addresses, Names, Places of birth and 1 more
KU Leuven (Belgium)
190K student records exposed
Jean Coutu (Pharmacy)
450K patient records exposed in POS breach