Recent Data Breaches — Live Disclosure Tracker

Oracle Fusion Middleware Missing Authentication for Critical Function Vulnerability — Oracle Fusion Middleware contains a missing authentication for critical function vulnerability, allowing unauthenticated remote attack

View incident → Original disclosure Indexed 5 months, 1 week ago

medium · tech · Nov 20, 2025

International Kiteboarding Organization

340,349 records exposed — Email addresses, Geographic locations, Names, Usernames

View incident → Original disclosure Indexed 5 months, 1 week ago

medium · retail · Nov 20, 2025

Vultr

187,872 records exposed — Email addresses, Geographic locations, IP addresses, Names

View incident → Original disclosure Indexed 5 months, 1 week ago

high · tech · Nov 20, 2025

Beckett Collectibles

1,041,238 records exposed — Email addresses, Names, Phone numbers, Physical addresses and 1 more

View incident → Original disclosure Indexed 5 months, 1 week ago

medium · retail · Nov 20, 2025

Eurofiber

10,003 records exposed — Email addresses, Names, Phone numbers

View incident → Original disclosure Indexed 5 months, 1 week ago

high · tech · Nov 19, 2025

Google Chromium V8

Google Chromium V8 Type Confusion Vulnerability — Google Chromium V8 contains a type confusion vulnerability that allows for heap corruption.

View incident → Original disclosure Indexed 5 months, 2 weeks ago

critical · retail · Nov 18, 2025

Walmart (eCommerce)

3.5M marketplace seller records exposed via compromised Walmart Connect advertising platform

View incident → Original disclosure Indexed 5 months, 2 weeks ago

high · tech · Nov 18, 2025

Datadog Monitoring Platform

240K customer APM configurations exposed via compromised CI/CD signing key

View incident → Original disclosure Indexed 5 months, 2 weeks ago

high · education · Nov 18, 2025

Kaplan Education

230K+ people affected — SSNs and driver's license numbers stolen from test prep provider

View incident → Original disclosure Indexed 5 months, 2 weeks ago

high · tech · Nov 18, 2025

Fortinet FortiWeb

Fortinet FortiWeb OS Command Injection Vulnerability — Fortinet FortiWeb contains an OS command Injection vulnerability that may allow an authenticated attacker to execute unauthorized code on the underlying system via c

View incident → Original disclosure Indexed 5 months, 2 weeks ago

high · healthcare · Nov 15, 2025

Denver Health

480K patient records stolen in targeted attack

View incident → Original disclosure Indexed 5 months, 2 weeks ago

high · tech · Nov 14, 2025

Fortinet FortiWeb

Fortinet FortiWeb Path Traversal Vulnerability — Fortinet FortiWeb contains a relative path traversal vulnerability that may allow an unauthenticated attacker to execute administrative commands on the system via crafted

View incident → Original disclosure Indexed 5 months, 2 weeks ago

critical · healthcare · Nov 12, 2025

NewYork-Presbyterian Hospital

850K patient records exposed via compromised clinical documentation vendor

View incident → Original disclosure Indexed 5 months, 3 weeks ago

high · finance · Nov 12, 2025

American Express (AMEX)

680K card member records exposed via compromised merchant processing partner system

View incident → Original disclosure Indexed 5 months, 3 weeks ago

Recent Data Breach Disclosures

Latest Disclosures