Societe Generale (2026)
1.5M customer records compromised in second incident
2026 Data Breaches Year-to-Date (645 indexed)
Bosch Group
560K manufacturing and IoT device records exposed
Government of Prince Edward Island
78K health card records compromised
Scotiabank (Canada)
2.1M customer records from Caribbean and Central American operations exposed
MEC (Mountain Equipment)
450K member records compromised
City of Winnipeg (2026)
280K resident records compromised
The Ottawa Hospital
780K patient records exposed in data exfiltration
CIRO (Canadian Investment Regulatory Org)
750K Canadian investors exposed — SINs, income, account statements via phishing attack
Spark New Zealand
450K customer records exposed in targeted attack
TMX Group (TSX)
450K market data records exposed
BreachForums (2025)
672,247 records exposed — Email addresses, Forum posts, Passwords, Private messages and 1 more
Instagram (Alleged Leak)
17.5M account records posted to BreachForums
NEC Corporation
560K corporate client records stolen
City of Toronto (2026)
420K resident records stolen in targeted attack
Starbucks Corporation
950K rewards member records exposed via API vulnerability in mobile order-ahead system
ABB Ltd (Switzerland)
560K automation records exposed
Garuda Indonesia
450K passenger records exposed
Social Security Administration
3.6M beneficiary records exposed via compromised contractor with access to benefits system
Linear (Project Management)
120K workspace records exposed via OAuth misconfiguration
Cleveland Clinic
1.3M patient records exposed via zero-day in medical imaging PACS system
Accenture (Client Data)
1.4M client consulting records from 23 countries exposed via LockBit affiliate intrusion
MedStar Health (2026)
2.1M patient records compromised in ransomware incident
Epic Systems (Vendor Incident)
2.1M patient records accessed via compromised third-party integration at EHR giant
SNC-Lavalin / AtkinsRealis (Canada)
190K employee and project records from Canadian engineering firm compromised