Live disclosure tracker · updated continuously

Recent Data Breach Disclosures

Every confirmed data breach we've indexed across 5484+ incidents from healthcare, finance, technology, government, retail, and education. Sourced from Verizon DBIR, public disclosure feeds, and major security news outlets. Updated automatically.

98B+
Records Exposed
5484
Incidents
94+
Countries
+104%
Breach Velocity YoY
Browse by sector
All breaches Healthcare Finance Government Technology Retail Education Legal
Browse by year
2024 2025 2026 ★ Worst of 2026

Latest Disclosures

medium · other · Jun 24, 2026

LastPass

Password manager LastPass is still dealing with the settlement from its 2022 data breach (see Related Posts, below, for background on that), but now it has another breach to disclose. Zack Whittaker reports: Password man

View incident → Original disclosure Indexed 1 week, 2 days ago
medium · other · Jun 24, 2026

LastPass

Password manager LastPass is still dealing with the settlement from its 2022 data breach (see Related Posts, below, for background on that), but now it has another breach to disclose. Zack Whittaker reports: Password man

View incident → Original disclosure Indexed 1 week, 2 days ago
medium · other · Jun 23, 2026

LastPass

LastPass announced that hackers accessed customer data from its Salesforce environment after stealing the company's OAuth tokens in the Klue supply chain attack earlier this month. [...]

View incident → Original disclosure Indexed 1 week, 3 days ago
high · tech · Jun 23, 2026

Ubiquiti UniFi OS

Ubiquiti UniFi OS Path Traversal Vulnerability — Ubiquiti UniFi OS contains a path traversal vulnerability which could allow a malicious actor with access to the network to access files on the underlying system that coul

View incident → Original disclosure Indexed 1 week, 3 days ago
medium · other · Jun 23, 2026

Tata Electronics

Tata Electronics has confirmed in a statement to BleepingComputer that it was the target of a cyberattack that impacted parts of its IT infrastructure. [...]

View incident → Original disclosure Indexed 1 week, 3 days ago
high · tech · Jun 23, 2026

Ubiquiti UniFi OS

Ubiquiti UniFi OS Improper Access Control Vulnerability — Ubiquiti UniFi OS contains an improper access control vulnerability which could allow a malicious actor with access to the network to make unauthorized changes to

View incident → Original disclosure Indexed 1 week, 3 days ago
high · finance · Jun 23, 2026

Change your cyber risk strategy

CSOs must re-write their cyber risk strategies because threat actors are increasing using AI to evade defenses, says a group of national cybersecurity agencies – a call that one expert immediately complained is too vague

View incident → Original disclosure Indexed 1 week, 3 days ago
critical · healthcare · Jun 23, 2026

Xsolis Data Breach Impacts 1.4

Xsolis disclosed a breach affecting 1.4M people after a phishing attack exposed personal and health data from its hospital clients’ systems. Healthcare tech company Xsolis, Inc. has disclosed a data breach impacting near

View incident → Original disclosure Indexed 1 week, 3 days ago
high · tech · Jun 23, 2026

Lantronix EDS5000

Lantronix EDS5000 Code Injection Vulnerability — Lantronix EDS5000 contains a code injection vulnerability that could allow attackers to inject arbitrary OS commands into the username parameter. Injected commands are exe

View incident → Original disclosure Indexed 1 week, 3 days ago
high · tech · Jun 23, 2026

Ubiquiti UniFi OS

Ubiquiti UniFi OS Improper Input Validation Vulnerability — Ubiquiti UniFi OS contains an improper input validation vulnerability which could allow a malicious actor with access to the network to conduct command injectio

View incident → Original disclosure Indexed 1 week, 3 days ago
critical · other · Jun 23, 2026

Healthtech firm Xolis

Healthcare technology company Xsolis says that sensitive data belonging to nearly 1.4 million individuals was compromised in a phishing attack that gave attackers access to its network. [...]

View incident → Original disclosure Indexed 1 week, 3 days ago
critical · tech · Jun 23, 2026

DifyTap

Four flaws in Dify exposed cross-tenant data, documents and AI conversations. Two critical bugs enabled unauthenticated access and data theft. Zafran Labs researchers disclosed four vulnerabilities in Dify, the open-sour

View incident → Original disclosure Indexed 1 week, 3 days ago
medium · other · Jun 23, 2026

Klue

Customer data from several prominent cybersecurity firms was among that of hundreds of potential enterprise victims.

View incident → Original disclosure Indexed 1 week, 3 days ago
medium · other · Jun 23, 2026

Tata Electronics

Indian manufacturer Tata Electronics said a recent cybersecurity incident had "no impact" on operations. A cybercrime group had said it stolen confidential documents from the company.

View incident → Original disclosure Indexed 1 week, 3 days ago