Live disclosure tracker · updated continuously

Recent Data Breach Disclosures

Every confirmed data breach we've indexed across 5493+ incidents from healthcare, finance, technology, government, retail, and education. Sourced from Verizon DBIR, public disclosure feeds, and major security news outlets. Updated automatically.

98B+
Records Exposed
5493
Incidents
94+
Countries
+104%
Breach Velocity YoY
Browse by sector
All breaches Healthcare Finance Government Technology Retail Education Legal
Browse by year
2024 2025 2026 ★ Worst of 2026

Latest Disclosures

high · tech · Apr 24, 2026

SimpleHelp SimpleHelp

SimpleHelp Path Traversal Vulnerability — SimpleHelp contains a path traversal vulnerability that allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e. zip slip).

View incident → Original disclosure Indexed 2 months, 1 week ago
high · tech · Apr 24, 2026

D-Link DIR-823X

D-Link DIR-823X Command Injection Vulnerability — D-Link DIR-823X contains a command injection vulnerability that allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to

View incident → Original disclosure Indexed 2 months, 1 week ago
high · tech · Apr 24, 2026

SimpleHelp SimpleHelp

SimpleHelp Missing Authorization Vulnerability — SimpleHelp contains a missing authorization vulnerability that could allow low-privileged technicians to create API keys with excessive permissions. These API keys can be

View incident → Original disclosure Indexed 2 months, 1 week ago
high · tech · Apr 24, 2026

Samsung MagicINFO 9 Server

Samsung MagicINFO 9 Server Path Traversal Vulnerability — Samsung MagicINFO 9 Server contains a path traversal vulnerability that could allow an attacker to write arbitrary files as system authority.

View incident → Original disclosure Indexed 2 months, 1 week ago
critical · tech · Apr 23, 2026

RAMP Uncovered

Pierluigi Paganini reports: A leaked database from RAMP gives us a rare look behind the curtain. It shows how cybercrime works when it becomes structured, commercial, and repeatable. Instead of random hackers acting alon

View incident → Original disclosure Indexed 2 months, 1 week ago
high · tech · Apr 23, 2026

Marimo Marimo

Marimo Remote Code Execution Vulnerability — Marimo contains an pre-authorization remote code execution vulnerability, allowing an unauthenticated attacked to shell access and execute arbitrary system commands.

View incident → Original disclosure Indexed 2 months, 1 week ago
medium · government · Apr 23, 2026

Claude Mythos signals a new

The Claude Mythos Preview appears to be living up to the hype, at least from a cybersecurity standpoint. The model, which Anthropic rolled out to a small group of users, including Firefox developer Mozilla, earlier this

View incident → Original disclosure Indexed 2 months, 1 week ago
medium · other · Apr 23, 2026

Luxury cosmetics giant Rituals

Rituals disclosed a breach where hackers accessed and downloaded some My Rituals members’ data, including names and addresses. Luxury cosmetics giant Rituals disclosed a data breach impacting My Rituals members after att

View incident → Original disclosure Indexed 2 months, 1 week ago
medium · other · Apr 23, 2026

Cosmetics giant Rituals

Dutch cosmetics giant Rituals disclosed a data breach after attackers stole the personal information of an undisclosed number of customers from its "My Rituals" membership database. [...]

View incident → Original disclosure Indexed 2 months, 1 week ago
critical · other · Apr 23, 2026

RAMP Uncovered

Leaked data from RAMP reveals Russia’s ransomware ecosystem, analyzing 1,732 threads, 7,707 users, and 340,000 IP records from the forum. RAMP was not just another dark web forum. It was one of the clearest examples of h

View incident → Original disclosure Indexed 2 months, 1 week ago
medium · government · Apr 23, 2026

UK’s NCSC calls passkeys the

The UK’s National Cyber Security Centre (NCSC) is recommending passkeys as the default authentication method for businesses to offer consumers, citing industry progress that now makes them a more secure and user-friendly

View incident → Original disclosure Indexed 2 months, 1 week ago