Live disclosure tracker · updated continuously

Recent Data Breach Disclosures

Every confirmed data breach we've indexed across 5492+ incidents from healthcare, finance, technology, government, retail, and education. Sourced from Verizon DBIR, public disclosure feeds, and major security news outlets. Updated automatically.

98B+
Records Exposed
5492
Incidents
94+
Countries
+104%
Breach Velocity YoY
Browse by sector
All breaches Healthcare Finance Government Technology Retail Education Legal
Browse by year
2024 2025 2026 ★ Worst of 2026

Latest Disclosures

critical · government · May 28, 2026

A Fake UK Visa Site

A third-party UK visa site exposed passports and selfies on a public AWS server. It’s not official GOV.UK and affected at least 100,000 documents. UK Visa Portal is not run by the British government. It’s a third-p

critical · tech · May 28, 2026

19.6 Billion Files Are Sitting

19.6 Billion files are exposed in misconfigured cloud buckets, including 685K credential files and nearly 1M database dumps. There’s a comfortable myth most people carry around: that the data they hand to companies

medium · other · May 28, 2026

ThreatsDay Bulletin

Every time you think the industry has finally stopped doing some reckless, low-effort crap, somebody spins up a fresh box full of sketchy loaders, fake installers, recycled social-engineering bait, and enough exposed inf

medium · government · May 28, 2026

Indian CERT urges firms to

India’s cybersecurity agency, CERT-In, has urged organizations to patch, mitigate, or isolate known exploited vulnerabilities affecting internet-facing “crown jewel” systems within 12 hours where feasible, warning that A

medium · tech · May 28, 2026

GlassWorm falls, but the repo

Taking down a sprawling malware operation once signaled progress in securing the open-source ecosystem. Now, it barely registers. The GlassWorm campaign disruption comes at a moment when attackers can quickly reconstitut

critical · other · May 28, 2026

Cruise giant Carnival

The company said the threat actor gained access to a limited portion of its IT environment last month after compromising an employee account. By the end of April, Carnival determined that the attacker had copied personal

high · tech · May 27, 2026

Nx Nx Console

Nx Console Embedded Malicious Code Vulnerability — Nx Console contains an embedded malicious code vulnerability that allowed a malicious version of Nx Console to be published. The compromised extension fetched an obfusca

View incident → Original disclosure Indexed 1 month, 1 week ago
high · tech · May 27, 2026

TanStack TanStack

TanStack Unspecified Vulnerability — TanStack contains an unspecified vulnerability that allowed malicious versions of the product to be published to the npm registry to publish credential-stealing malware under a truste

View incident → Original disclosure Indexed 1 month, 1 week ago
medium · government · May 27, 2026

FBI

In a public advisory issued Tuesday the FBI said a hacking group has targeted law firms using social engineering schemes to gain remote access to corporate systems and exfiltrate data.

View incident → Original disclosure Indexed 1 month, 1 week ago
medium · government · May 27, 2026

FBI

The FBI warned on Tuesday that the Silent Ransom Group (SRG) extortion gang is now targeting U.S.-based law firms in in-person data theft attacks. [...]

View incident → Original disclosure Indexed 1 month, 1 week ago