Live disclosure tracker · updated continuously

2026 Data Breaches Year-to-Date

2026 continues the year-over-year growth trend in confirmed disclosures. The list below updates as new breaches are reported by Verizon DBIR partners and major security news outlets.

98B+
Records Exposed
1179
Incidents
94+
Countries
+104%
Breach Velocity YoY
Browse by sector
All breaches Healthcare Finance Government Technology Retail Education Legal
Browse by year
2024 2025 2026 ★ Worst of 2026

2026 Data Breaches Year-to-Date (1179 indexed)

critical · other · Jun 15, 2026

Infostealers, AI, and a 90%

The Gentlemen ransomware used infostealer credentials, AI tools, and affiliates to hit 483 victims across 66 countries in under a year. The Gentlemen surfaced as a ransomware operation in September 2025 and by June 13, 2

View incident → Original disclosure Indexed 2 weeks, 4 days ago
critical · government · Jun 15, 2026

Cyberattack on Russian tech firm

According to customer complaints, the disruption affected a range of services used by businesses, leading to interruptions in cash register operations, difficulties selling certain regulated goods, loss of access to cust

View incident → Original disclosure Indexed 2 weeks, 4 days ago
high · tech · Jun 15, 2026

LiteSpeed cPanel Plugin

LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability — LiteSpeed cPanel plugin contains a UNIX symbolic link (Symlink) following vulnerability that could allow a user with FTP or web shell access

View incident → Original disclosure Indexed 2 weeks, 4 days ago
medium · other · Jun 15, 2026

JLR ordered 30,000 staff to

Aimee Turner reports: Jaguar Land Rover ordered all 30,000 employees to reset their passwords in person following a cyberattack that raised concerns staff credentials had been compromised. Speaking at Infosecurity Europe

View incident → Original disclosure Indexed 2 weeks, 4 days ago
medium · tech · Jun 15, 2026

⚡ Weekly Recap: Chrome 0-Day,

Stuff broke again. Not in a movie way. An old tool was left exposed. An abandoned package was abused. A deprecated feature was still running in prod. This week is the same lesson in a new form: phishing kits are easier

View incident → Original disclosure Indexed 2 weeks, 4 days ago
medium · tech · Jun 15, 2026

Governing the ghost workforce

Every enterprise security team is fighting a workforce problem they cannot see on any org chart. Bots, service accounts, API keys, OAuth tokens, machine certificates — non-human identities now outnumber human ones in

View incident → Original disclosure Indexed 2 weeks, 4 days ago
medium · other · Jun 15, 2026

Novo Nordisk Confirms Data Theft:

Novo Nordisk suffered a cyberattack where clinical trial data was copied. The breach is confirmed, but no threat actor has claimed responsibility. The Danish pharmaceutical giant Novo Nordisk disclosed a cybersecurity br

View incident → Original disclosure Indexed 2 weeks, 4 days ago
high · tech · Jun 15, 2026

Cisco Catalyst SD-WAN Manager

Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability — Cisco Catalyst SD-WAN Manager contains a directory or path traversal vulnerability that could allow an authenticated, remote attacker to create a

View incident → Original disclosure Indexed 2 weeks, 4 days ago
high · healthcare · Jun 14, 2026

Novo Nordisk

Eric Sagonowsky reports: As cybersecurity threats have proliferated across industries in recent years, biopharma companies have emerged as prominent targets, with intellectual property, patient data and other sensitive i

View incident → Original disclosure Indexed 2 weeks, 5 days ago
medium · retail · Jun 14, 2026

UK: Hotel guests issued urgent

Elaine Blackburne reports: Hotel guests have been warned to stay alert for convincing fraudulent messages following a data breach at a major hotel chain. Personal information belonging to individuals with reservations at

View incident → Original disclosure Indexed 2 weeks, 5 days ago
medium · tech · Jun 13, 2026

Arch Linux AUR Packages Hijacked

Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any machine that built them. The malware is a Rust binary built t

View incident → Original disclosure Indexed 2 weeks, 6 days ago
critical · finance · Jun 13, 2026

South Korea Hands Coupang a

DataBreaches has been impressed by South Korea’s response to data breaches ever since reading about how its financial regulator responded to three credit card companies whose customers suffered a major data leak. U

View incident → Original disclosure Indexed 2 weeks, 6 days ago