TD Bank (Canada/US)
3.8M customer records exposed in cross-border data breach affecting Canadian and US operations
2026 continues the year-over-year growth trend in confirmed disclosures. The list below updates as new breaches are reported by Verizon DBIR partners and major security news outlets.
3.8M customer records exposed in cross-border data breach affecting Canadian and US operations
n8n Improper Control of Dynamically-Managed Code Resources Vulnerability — n8n contains an improper control of dynamically managed code resources vulnerability in its workflow expression evaluation system that allows for
Prolific ShinyHunters group claims to have stolen data from nearly 400 websites in Experience Cloud attacks
Contractor laptop with cached Gotham deployment configs and access tokens compromised
620K policyholder records from cyber insurance division exposed in targeted attack
Ericsson data breach affects 15k employees/customers after third-party service provider compromise
Omnissa Workspace ONE Server-Side Request Forgery — Omnissa Workspace One UEM formerly known as VMware Workspace One UEM contains a server-side request forgery (SSRF) vulnerability that could allow a malicious actor with
Huntress researchers uncover campaign exploiting vulnerabilities to steal data using Elastic Cloud as a data hub
2.8M PC Optimum loyalty member records stolen including purchase history and contact data
Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability — Ivanti Endpoint Manager (EPM) contains an authentication bypass using an alternate path or channel vulnerability that could allow a remote unauthenticat
470K buy-now-pay-later customer records including credit data exposed via vendor compromise
1.5M patient records from Singapore public healthcare system breached for second time
SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability — SolarWinds Web Help Desk contain a deserialization of untrusted data vulnerability in AjaxProxy that could allow an attacker to run commands on t
Billing services provider TriZetto Provider Solutions has begun notifying millions of patients about a data breach
Internal Slack messages and API usage metadata accessed — no customer prompts exposed
380K employee and defense contract records exposed via zero-day in Trend Micro product
550K employee and defense program records from aviation division compromised
560K customer records accessed via compromised third-party payroll services provider
290K employee records and mining operations data accessed via compromised contractor VPN
Storm-0558 successor group accessed email and calendar data from 25 enterprise tenants
1.6M customer pharmacy and loyalty records exposed via FTP server misconfiguration
1.8M dialysis patient records compromised in ransomware attack on kidney care provider
Hikvision Multiple Products Improper Authentication Vulnerability — Multiple Hikvision products contain an improper authentication vulnerability that could allow a malicious user to escalate privileges on the system and
Rockwell Multiple Products Insufficient Protected Credentials Vulnerability — Multiple Rockwell products contain an insufficient protected credentials vulnerability. Studio 5000 Logix Designer software may allow a key to