Live disclosure tracker · updated continuously

Recent Data Breach Disclosures

Every confirmed data breach we've indexed across 5492+ incidents from healthcare, finance, technology, government, retail, and education. Sourced from Verizon DBIR, public disclosure feeds, and major security news outlets. Updated automatically.

98B+
Records Exposed
5492
Incidents
94+
Countries
+104%
Breach Velocity YoY
Browse by sector
All breaches Healthcare Finance Government Technology Retail Education Legal
Browse by year
2024 2025 2026 ★ Worst of 2026

Latest Disclosures

critical · legal · May 22, 2026

Radiology Associates of Richmond

On July 1, 2025,  Radiology Associates of Richmond (“RAR”) reported a breach to HHS that had occurred in April 2024 and affected more than 1.4 million patients. By the end of July 2025, the well-known radiolo

View incident → Original disclosure Indexed 1 month, 1 week ago
medium · government · May 22, 2026

Lawmakers Demand Answers as CISA

Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published

View incident → Original disclosure Indexed 1 month, 1 week ago
medium · government · May 22, 2026

Proposed State Laws For Breach

Joseph Lazzarotti of JacksonLewis writes: State breach-notification laws continue to evolve, and legislatures are using 2026 sessions to tighten consumer protections and shift the civil liability landscape that often fol

View incident → Original disclosure Indexed 1 month, 1 week ago
critical · finance · May 22, 2026

Identity as the primary attack

The “retro” way “The thing about the old days is… they are the old days” – Slim Charles, The Wire Protecting a specified network perimeter was the main focus of enterprise security strategy for several decades. Bus

View incident → Original disclosure Indexed 1 month, 1 week ago
critical · other · May 21, 2026

Operation Saffron

Bitdefender reports: An international law enforcement operation led by France and the Netherlands dismantled First VPN, a cybercriminal anonymization service used by ransomware actors, fraudsters, and data thieves across

View incident → Original disclosure Indexed 1 month, 1 week ago
medium · other · May 21, 2026

Google accidentally

Google has accidentally leaked details about an unfixed issue in Chromium that keeps JavaScript running in the background even when the browser is closed, allowing remote code execution on the device. [...]

View incident → Original disclosure Indexed 1 month, 1 week ago
high · tech · May 21, 2026

Trend Micro Apex One

Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability — Trend Micro Apex One (on-premise) contains a directory traversal vulnerability that could allow a pre-authenticated local attacker to modify a key tab

View incident → Original disclosure Indexed 1 month, 1 week ago
high · tech · May 21, 2026

Langflow Langflow

Langflow Origin Validation Error Vulnerability — Langflow contains an origin validation error vulnerability in which an overly permissive CORS configuration combined with a refresh token cookie configured as SameSite=Non

View incident → Original disclosure Indexed 1 month, 1 week ago
high · tech · May 20, 2026

Microsoft Defender

Microsoft Defender Link Following Vulnerability — Microsoft Defender contains a link following vulnerability that allows an authorized attacker to elevate privileges locally.

View incident → Original disclosure Indexed 1 month, 2 weeks ago
critical · other · May 20, 2026

GitHub

Github, which hosts code for more than 100 million developers worldwide, confirmed the breach on social media after TeamPCP advertised stolen source code on a cybercrime forum.

View incident → Original disclosure Indexed 1 month, 2 weeks ago