Recent Data Breaches — Live Disclosure Tracker

Latest Disclosures

critical · government · Feb 25, 2026

State of California (DMV Vendor)

2.4M drivers license records exposed via compromised address verification contractor

View incident → Original disclosure Indexed 2 months, 1 week ago

high · legal · Feb 25, 2026

VIQ Solutions (Court Transcripts)

Legal transcription vendor breach — sensitive court proceedings compromised via subcontractor

View incident → Original disclosure Indexed 2 months, 1 week ago

critical · retail · Feb 25, 2026

Canadian Tire

1.1M customer loyalty records exposed in platform breach

View incident → Original disclosure Indexed 2 months, 1 week ago

high · tech · Feb 25, 2026

Cisco SD-WAN Path Traversal Vulnerability — Cisco SD-WAN CLI contains a path traversal vulnerability that could allow an authenticated local attacker to gain elevated privileges via improper access controls on commands w

View incident → Original disclosure Indexed 2 months, 1 week ago

critical · tech · Feb 24, 2026

Bell Canada (2026)

2.2M customer records exposed via compromised residential internet provisioning system

View incident → Original disclosure Indexed 2 months, 1 week ago

high · tech · Feb 24, 2026

Soliton Systems K.K FileZen

Soliton Systems K.K FileZen OS Command Injection Vulnerability — Soliton Systems K.K FileZen contains an OS command injection vulnerability when an user logs-in to the affected product and sends a specially crafted HTTP

View incident → Original disclosure Indexed 2 months, 1 week ago

high · government · Feb 23, 2026

Raytheon Technologies

430K defense contractor employee records and clearance data compromised via vendor

View incident → Original disclosure Indexed 2 months, 1 week ago

critical · healthcare · Feb 23, 2026

University of Mississippi Medical Center

University of Mississippi Medical Center is still scrambling to respond to a ransomware attack last Thursday

View incident → Original disclosure Indexed 2 months, 1 week ago

critical · other · Feb 23, 2026

Leading Semiconductor Supplier Advantest Hit

Advantest, a Japanese specialist in testing computer chips for major semiconductor manufacturers, has deployed incident response protocols following a cybersecurity incident

View incident → Original disclosure Indexed 2 months, 1 week ago

high · finance · Feb 22, 2026

PwC (Global)

380K audit client records exposed via compromised file transfer platform

View incident → Original disclosure Indexed 2 months, 1 week ago

high · finance · Feb 22, 2026

Sun Life Financial (Canada)

890K group benefits records compromised via ransomware at claims administrator

View incident → Original disclosure Indexed 2 months, 1 week ago

critical · tech · Feb 22, 2026

CarGurus

12,461,887 records exposed — Email addresses, IP addresses, Names, Phone numbers and 1 more

View incident → Original disclosure Indexed 2 months, 1 week ago

high · finance · Feb 21, 2026

Deloitte (Client Data)

240K audit client records from 12 countries exposed via compromised GlobalProtect VPN

View incident → Original disclosure Indexed 2 months, 1 week ago

critical · tech · Feb 20, 2026

Atlassian Confluence Cloud

4.8M wiki pages from enterprise customers exposed via critical authentication bypass

View incident → Original disclosure Indexed 2 months, 1 week ago

high · government · Feb 20, 2026

Province of Quebec (Revenu)

670K taxpayer records exposed via compromised e-filing integration at provincial revenue agency

View incident → Original disclosure Indexed 2 months, 1 week ago

high · tech · Feb 20, 2026

Roundcube Webmail

RoundCube Webmail Cross-site Scripting Vulnerability — RoundCube Webmail contains a cross-site scripting vulnerability via the animate tag in an SVG document.

View incident → Original disclosure Indexed 2 months, 1 week ago

high · government · Feb 20, 2026

VIQ Solutions (Canada)

Sensitive court transcripts compromised after Indian subcontractor breach — ignored warnings

View incident → Original disclosure Indexed 2 months, 1 week ago

medium · retail · Feb 20, 2026

CarMax

431,371 records exposed — Email addresses, Names, Phone numbers, Physical addresses

View incident → Original disclosure Indexed 2 months, 1 week ago

high · tech · Feb 20, 2026

Roundcube Webmail

RoundCube Webmail Deserialization of Untrusted Data Vulnerability — RoundCube Webmail contains a deserialization of untrusted data vulnerability that allows remote code execution by authenticated users because the _from

View incident → Original disclosure Indexed 2 months, 1 week ago

high · government · Feb 19, 2026

Hydro-Quebec (Canada)

640K customer billing records exposed via compromised metering data system

View incident → Original disclosure Indexed 2 months, 1 week ago

high · education · Feb 19, 2026

University of Sydney (Australia)

340K student records including visa and financial information exposed in targeted attack

View incident → Original disclosure Indexed 2 months, 1 week ago

high · finance · Feb 18, 2026

Figure

967,178 records exposed — Dates of birth, Email addresses, Names, Phone numbers and 1 more

View incident → Original disclosure Indexed 2 months, 2 weeks ago

critical · finance · Feb 18, 2026

CIBC (Canada)

1.2M customer records compromised via third-party mortgage processing vendor

View incident → Original disclosure Indexed 2 months, 2 weeks ago

high · tech · Feb 18, 2026

Dell RecoverPoint for Virtual Machines (RP4VMs)

Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability — Dell RecoverPoint for Virtual Machines (RP4VMs) contains an use of hard-coded credentials vulnerability that could allow an un

View incident → Original disclosure Indexed 2 months, 2 weeks ago

Recent Data Breach Disclosures

Latest Disclosures