Live disclosure tracker · updated continuously

2026 Data Breaches Year-to-Date

2026 continues the year-over-year growth trend in confirmed disclosures. The list below updates as new breaches are reported by Verizon DBIR partners and major security news outlets.

98B+
Records Exposed
1185
Incidents
94+
Countries
+104%
Breach Velocity YoY
Browse by sector
All breaches Healthcare Finance Government Technology Retail Education Legal
Browse by year
2024 2025 2026 ★ Worst of 2026

2026 Data Breaches Year-to-Date (1185 indexed)

critical · finance · Apr 14, 2026

Europe’s Largest Gym Chain Says

Basic-Fit has reported that hackers have stolen names, dates of birth, and even bank account details. The post Europe’s Largest Gym Chain Says Data Breach Impacts 1 Million Members appeared first on SecurityWeek.

View incident → Original disclosure Indexed 2 months, 3 weeks ago
high · tech · Apr 13, 2026

Fortinet FortiClient EMS

Fortinet SQL Injection Vulnerability — Fortinet FortiClient EMS contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP req

View incident → Original disclosure Indexed 2 months, 3 weeks ago
high · tech · Apr 13, 2026

Microsoft Windows

Microsoft Windows Out-of-Bounds Read Vulnerability — Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat actor for privileges escalation

View incident → Original disclosure Indexed 2 months, 3 weeks ago
high · tech · Apr 13, 2026

Microsoft Exchange Server

Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability — Microsoft Exchange Server contains a deserialization of untrusted data that allows an authenticated attacker to achieve remote code execution.

View incident → Original disclosure Indexed 2 months, 3 weeks ago
critical · other · Apr 13, 2026

MN: Spring Lake Park Schools

Spring Lake Park Today reports: Spring Lake Park Schools in Minnesota were forced to close on Monday due to a suspected ransomware attack that disrupted the district’s computer systems. Local authorities are invest

View incident → Original disclosure Indexed 2 months, 3 weeks ago
medium · tech · Apr 13, 2026

GTA-maker Rockstar Games

Joe Tidy reports: Grand Theft Auto developer Rockstar Games has been targeted for a second time in three years by hackers. The data breach affecting the gaming giant was reported by cybersecurity news outlets on Saturday

View incident → Original disclosure Indexed 2 months, 3 weeks ago
medium · other · Apr 13, 2026

CPUID Hacked to Serve Trojanized

Download links were replaced by a Russian-speaking threat actor to distribute a recently emerged malware named STX RAT. The post CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads appeared first on SecurityWe

View incident → Original disclosure Indexed 2 months, 3 weeks ago